info.menlosecurity.com Open in urlscan Pro
104.17.70.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://salesinfo.menlosecurity.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG643FMN2XE2LUPEXGG33N...
Effective URL:
https://info.menlosecurity.com/Remote-Worker-CarePack.html
Submission: On August 10 via manual (August 10th 2020, 9:16:51 pm UTC) from US

Summary HTTP 51 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 26 domains to perform 51 HTTP transactions. The main IP is 104.17.70.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is info.menlosecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time info.menlosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.45.1.109 52.45.1.109	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.214.51.252 3.214.51.252	14618 (AMAZON-AES) (AMAZON-AES)
12	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:818::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	147.75.75.106 147.75.75.106	54825 (PACKET) (PACKET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.16.101.12 104.16.101.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.163.4.161 35.163.4.161	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:ac00:13:a3bc:6800:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
1	147.75.102.197 147.75.102.197	54825 (PACKET) (PACKET)
1	52.17.192.34 52.17.192.34	16509 (AMAZON-02) (AMAZON-02)
51	27

1 52.45.1.109 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-1-109.compute-1.amazonaws.com

salesinfo.menlosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.51.252 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-51-252.compute-1.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.17.70.206 (United States)

ASN13335 (CLOUDFLARENET, US)

info.menlosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.fpoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.75.106 (Parsippany, United States)

ASN54825 (PACKET, US)
PTR: pkt-ewr-k2-shared-ingress45

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.101.12 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.163.4.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-4-161.us-west-2.compute.amazonaws.com

app.hushly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:ac00:13:a3bc:6800:93a1 (United States)

ASN16509 (AMAZON-02, US)

hubfront.hushly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO, US)

281-owv-899.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.197 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress11

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.192.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-192-34.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	menlosecurity.com 1 redirects salesinfo.menlosecurity.com info.menlosecurity.com	620 KB
7	hushly.com app.hushly.com hubfront.hushly.com	176 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	marketo.net munchkin.marketo.net	8 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	facebook.com www.facebook.com	522 B
2	facebook.net connect.facebook.net	167 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	fpoimg.com www.fpoimg.com	7 KB
2	fontawesome.com use.fontawesome.com	81 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	38 KB
1	twitter.com analytics.twitter.com	651 B
1	mktoresp.com 281-owv-899.mktoresp.com	311 B
1	t.co t.co	448 B
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	170 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	155 B
1	zoominfo.com ws.zoominfo.com	723 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	googleapis.com fonts.googleapis.com	840 B
1	salesloft.com 1 redirects app.salesloft.com	545 B
51	26

	Domain	Requested by
12	info.menlosecurity.com	info.menlosecurity.com www.google-analytics.com
6	app.hushly.com	info.menlosecurity.com app.hushly.com
3	munchkin.marketo.net	info.menlosecurity.com munchkin.marketo.net
2	fonts.gstatic.com	info.menlosecurity.com
2	www.facebook.com	info.menlosecurity.com
2	px.ads.linkedin.com	1 redirects info.menlosecurity.com
2	connect.facebook.net	info.menlosecurity.com connect.facebook.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.fpoimg.com	info.menlosecurity.com
2	use.fontawesome.com	info.menlosecurity.com
2	stackpath.bootstrapcdn.com	info.menlosecurity.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	static.ads-twitter.com
1	281-owv-899.mktoresp.com	munchkin.marketo.net
1	t.co	info.menlosecurity.com
1	www.linkedin.com	1 redirects
1	www.google.de	info.menlosecurity.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	hubfront.hushly.com	info.menlosecurity.com
1	ws.zoominfo.com	info.menlosecurity.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	info.menlosecurity.com
1	cdnjs.cloudflare.com	info.menlosecurity.com
1	code.jquery.com	info.menlosecurity.com
1	fonts.googleapis.com	info.menlosecurity.com
1	app.salesloft.com	1 redirects
1	salesinfo.menlosecurity.com	1 redirects
51	32

This site contains links to these domains. Also see Links.

Domain
www.menlosecurity.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
info.menlosecurity.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-06-17` - `2020-09-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.hushly.com Amazon	`2019-11-13` - `2020-12-13`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-06-18` - `2020-09-16`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-06-16` - `2020-09-14`	3 months	crt.sh
*.hotjar.com Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Frame ID: A635AD3371BCD74673FDD350FC082642
Requests: 50 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 395D615712969A6C4263D212D4A2FDA0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://salesinfo.menlosecurity.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG... HTTP 302
https://app.salesloft.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG... HTTP 302
https://info.menlosecurity.com/Remote-Worker-CarePack.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

51
Requests

96 %
HTTPS

53 %
IPv6

26
Domains

32
Subdomains

27
IPs

7
Countries

1285 kB
Transfer

3112 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.menlosecurity.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.menlosecurity.com/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/menlo-security/

Search URL Search Domain Scan URL

URL: https://twitter.com/menlosecurity?lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Menlo-Security-411677528985544/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCN0AikN5dKnhEhmtQddAYqg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://salesinfo.menlosecurity.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG643FMN2XE2LUPEXGG33NF5JGK3LPORSS2V3POJVWK4RNINQXEZKQMFRWWLTIORWWY===/info-menlosecurity-com-remote-worker-carepack-html HTTP 302
https://app.salesloft.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG643FMN2XE2LUPEXGG33NF5JGK3LPORSS2V3POJVWK4RNINQXEZKQMFRWWLTIORWWY===/info-menlosecurity-com-remote-worker-carepack-html HTTP 302
https://info.menlosecurity.com/Remote-Worker-CarePack.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=789892686&t=pageview&_s=1&dl=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1215852610&gjid=1071425457&cid=1080907606.1597094143&tid=UA-41161362-2&_gid=1209088752.1597094143&_r=1&gtm=2wg7v1WL64MFJ&z=854372204 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_gid=1209088752.1597094143&gjid=1071425457&_v=j83&z=854372204 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_v=j83&z=854372204 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_v=j83&z=854372204&slf_rd=1&random=777150428

Request Chain 29

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&url=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&time=1597094143005 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D474058%26url%3Dhttps%253A%252F%252Finfo.menlosecurity.com%252FRemote-Worker-CarePack.html%26time%3D1597094143005%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&url=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&time=1597094143005&liSync=true

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Remote-Worker-CarePack.html Show response
info.menlosecurity.com/
Redirect Chain

https://salesinfo.menlosecurity.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG643FMN2XE2LUPEXGG33NF5JGK3LPORSS2V3POJVWK4RNINQXEZKQMFRWWLTIORWWY===/info-menlosecuri...
https://app.salesloft.com/t/101967/c/6b6a82db-ffb0-4ca2-ac0e-01e7c6c1f99d/NB2HI4DTHIXS62LOMZXS43LFNZWG643FMN2XE2LUPEXGG33NF5JGK3LPORSS2V3POJVWK4RNINQXEZKQMFRWWLTIORWWY===/info-menlosecurity-com-rem...
https://info.menlosecurity.com/Remote-Worker-CarePack.html

50 KB
10 KB

553ms
331ms

Document
text/html

104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3966790f986f849844716bb7378d93f45fb1ce8c720def8308f87921569b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: info.menlosecurity.com
:scheme: https
:path: /Remote-Worker-CarePack.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 10 Aug 2020 21:15:42 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9a1741600c5aafd3a7d73870c65a0d9c1597094142; expires=Wed, 09-Sep-20 21:15:42 GMT; path=/; domain=.info.menlosecurity.com; HttpOnly; SameSite=Lax BIGipServersj21web-nginx-app_https=!BPUH1zJN6+PU4XXInuzRy4alk/3R/j/5RjU/KaiBo3DxfHsEOtAem2VxlrAmoHoF5CS3FXiD4qThHC8=;Path=/;Version=1;Secure;Httponly __cf_bm=b5bc9d4927058d671d9ac4c662b89a3c0f949a98-1597094142-1800-Ab3kUATbIL8QQuQFZoTsSbm5Z0L6ic2YvDyHQ6CeV2zEltdsJ+YvFnlR6Cpm/IqrvvL/9v9NACuiK5jQ2m5AH+Y=; path=/; expires=Mon, 10-Aug-20 21:45:42 GMT; domain=.info.menlosecurity.com; HttpOnly; Secure; SameSite=None
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
vary: *,Accept-Encoding
x-content-type-options: nosniff
x-cache-status: MISS
x-mkto-nginx-cache: true
cf-cache-status: DYNAMIC
cf-request-id: 047bd3ba230000bd82c6362200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c0cbbd69f6abd82-AMS
content-encoding: gzip

Redirect headers

Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Date: Mon, 10 Aug 2020 21:15:42 GMT
Location: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: b7ffabef64d8fa51b2c28d645f8a0099
X-Runtime: 0.033878
X-XSS-Protection: 1; mode=block
Content-Length: 124
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 7 KB
840 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 20:32:51 GMT
server: ESF
date: Mon, 10 Aug 2020 21:15:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Aug 2020 21:15:42 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 27ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Origin: https://info.menlosecurity.com

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 28ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Origin: https://info.menlosecurity.com

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
status: 200
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1597094142.dop227.fr8.t,1597094142.cds269.fr8.hn,1597094142.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
13 KB 39ms
13ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Origin: https://info.menlosecurity.com

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Nov 2018 15:16:46 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 theme-Menlo_19q2.css
info.menlosecurity.com/rs/281-OWV-899/images/ 42 KB
6 KB 220ms
219ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/theme-Menlo_19q2.css

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d33d28eb4fa01365e32cd42d425a053e3c5fee4a438ff553b14a6495d914bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 6199
cf-request-id: 047bd3bb770000bd82c6374200000001
last-modified: Sat, 01 Aug 2020 04:59:30 GMT
server: cloudflare
etag: "24812aa-a73c-5abc9c554623a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd8b91ebd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H2 200 flex_em_menlo_logo.png
info.menlosecurity.com/rs/281-OWV-899/images/ 6 KB
6 KB 211ms
208ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/flex_em_menlo_logo.png

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09639550a874d32e98cc1ed846697325d38b8e5b3c9f8ed0433e21bd90f820fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 6376
cf-request-id: 047bd3bbad0000bd82c6379200000001
last-modified: Sat, 01 Aug 2020 02:52:01 GMT
server: cloudflare
etag: "2480b8b-18e8-5abc7fd689a5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd91966bd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H2 200 forms2.min.js Show response
info.menlosecurity.com/js/forms2/js/ 205 KB
68 KB 189ms
185ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "23e1928-33237-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5c0cbbd91964bd82-AMS
cf-request-id: 047bd3bbac0000bd82c6377200000001
expires: Tue, 11 Aug 2020 01:15:43 GMT

GET
H2 200 v2MenloSecurityCarePackage_Preview.png
info.menlosecurity.com/rs/281-OWV-899/images/ 381 KB
382 KB 280ms
277ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/v2MenloSecurityCarePackage_Preview.png

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d178c3f772f1d6f70e6ea219891ebdae84ce6e00a19c04b4e11c94fb4ee5a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 390374
cf-request-id: 047bd3bbad0000bd82c637a200000001
last-modified: Mon, 03 Aug 2020 23:32:44 GMT
server: cloudflare
etag: "2483cd8-5f4e6-5ac018e306aa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd91967bd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H2 200 Kowsik_Headshot.png
info.menlosecurity.com/rs/281-OWV-899/images/ 119 KB
120 KB 211ms
209ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/Kowsik_Headshot.png

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ff7603e181dd6deabcc5f3df14aa93d5f60ef521bcd728c8b9530d0a2e254b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 122277
cf-request-id: 047bd3bbad0000bd82c637b200000001
last-modified: Sun, 02 Aug 2020 17:28:28 GMT
server: cloudflare
etag: "2482906-1dda5-5abe859a85d6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd91968bd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H/1.1 200
OK 200x175
www.fpoimg.com/ 3 KB
3 KB 1483ms
1423ms Image
image/png 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fpoimg.com/200x175
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: HTTP/1.1
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 297c87a32ce981db24613f67f791283d5915192520bedcfc8943261797c9e22b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cloud-Trace-Context: ef8161731b9a8d33ddbaa8e66c074007
Cache-Control: public, max-age=43200
Expires: Tue, 11 Aug 2020 09:15:44 GMT
Server: Google Frontend
Date: Mon, 10 Aug 2020 21:15:44 GMT
Content-Length: 2846
Content-Type: image/png

GET
H/1.1 200
OK 300x155
www.fpoimg.com/ 4 KB
4 KB 985ms
925ms Image
image/png 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fpoimg.com/300x155
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: HTTP/1.1
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: fdcd2790d37888153326c39b58c480b2b0e65bf8593ef61da50804c4ead7070d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cloud-Trace-Context: 46c115ed1d120849e054436545675e50
Cache-Control: public, max-age=43200
Expires: Tue, 11 Aug 2020 09:15:43 GMT
Server: Google Frontend
Date: Mon, 10 Aug 2020 21:15:43 GMT
Content-Length: 3704
Content-Type: image/png

GET
H2 200 Briefs.png
info.menlosecurity.com/rs/281-OWV-899/images/ 6 KB
6 KB 207ms
205ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/Briefs.png

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a2f1072d987f85fef0a303c97cf31cd8b059d6c01dbf4ba7b69e5d5bf9cc1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 5645
cf-request-id: 047bd3bbad0000bd82c637c200000001
last-modified: Sat, 01 Aug 2020 12:52:14 GMT
server: cloudflare
etag: "24818e3-160d-5abd05ff50733"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd9196abd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H2 200 icon-menlo-security-reversed-rgb.png
info.menlosecurity.com/rs/281-OWV-899/images/ 7 KB
7 KB 209ms
207ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/icon-menlo-security-reversed-rgb.png

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d7c12506baaa78b751683ac71141e414461777b27d63abd71546f0b9fa0486

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 7021
cf-request-id: 047bd3bbad0000bd82c637d200000001
last-modified: Sat, 01 Aug 2020 06:17:00 GMT
server: cloudflare
etag: "248142a-1b6d-5abcada799135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd9196bbd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 30ms
14ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Origin: https://info.menlosecurity.com

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11056083
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 047bd3bbb40000176ee5026200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Tue, 29 Jan 2019 12:15:56 GMT
server: cloudflare
etag: W/"5c5043fc-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c0cbbd92d96176e-FRA
expires: Sat, 31 Jul 2021 21:15:42 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 14ms
10ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Origin: https://info.menlosecurity.com

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:57 GMT
status: 200
etag: "1550076057"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15434

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 66ms
21ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 21:15:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 stripmkttok.js Show response
info.menlosecurity.com/js/ 2 KB
788 B 209ms
206ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/stripmkttok.js

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 678
cf-request-id: 047bd3bbad0000bd82c6378200000001
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "23e18dc-602-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5c0cbbd91965bd82-AMS
expires: Tue, 11 Aug 2020 01:15:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
41 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc5c4c3be3b8d20bd7df70e98e6ec31ca1f10a9ee024b6ea710b7eb628e48fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41743
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Aug 2020 21:15:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3603
date: Mon, 10 Aug 2020 20:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 10 Aug 2020 22:15:39 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 21:15:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=31363
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 63ms
20ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a2684adb4b431902ef03f7959757f5163ed2ddc548e216654fa7858b1f4fd9b

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:42 GMT
content-encoding: gzip
age: 76315
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1942
x-served-by: cache-fra19128-FRA
last-modified: Thu, 06 Aug 2020 23:59:10 GMT
x-timer: S1597094143.996413,VS0,VE0
etag: "1d9536984a3ff7a629eda3f70ceadd20+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 hotjar-1854968.js Show response
static.hotjar.com/c/ 13 KB
3 KB 350ms
172ms Script
application/javascript 147.75.75.106
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1854968.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.75.106 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

pkt-ewr-k2-shared-ingress45

Software

Resource Hash

c44313e8eaadcc3a9f9137338fb179657b8378b258af1f1a28b51c4185ec1a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 2485
cache-control: max-age=60
etag: W/7c5b573c1ce2b13f4388acaeff65cf35
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.084
accept-ranges: bytes
section-io-id: 4c2d930ce5a05699167b8ab668b8660b
section-origin-responded: true

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: Mh2+t9F9ds7+WITTtKXyES13yIrMC3P8dQbU1XTfDrF2ebcwTkkTvNvftIJr7OaIpEM8E8GQzrdarzZ2mkFXeg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 10 Aug 2020 21:15:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 23ms
21ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 21:15:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 GQ57xOfAtqXGOqCfMFaF Show response
ws.zoominfo.com/pixel/ 0
723 B 332ms
288ms Script
text/javascript 104.16.101.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/GQ57xOfAtqXGOqCfMFaF

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.101.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Express
status: 200
content-length: 0
cf-request-id: 047bd3bc160000fa708ca73200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5c0cbbd9b939fa70-AMS
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for

GET
H2 200 widget.js Show response
app.hushly.com/runtime/ 633 B
1 KB 562ms
181ms Script
text/javascript 35.163.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/widget.js?aid=83162
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.4.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-4-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 614c54f2480e7fc3f5efa2734b6d41c1276f905ee8384f21f34bed321cdb9ac2

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 10 Aug 2020 21:15:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript;charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.js Show response
hubfront.hushly.com/ 91 KB
25 KB 791ms
737ms Script
application/javascript 2600:9000:2182:ac00:13:a3bc:6800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hubfront.hushly.com/embed.js
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:ac00:13:a3bc:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: fda2327ef25806f92bd51f508037ba34b2230e71496ef2927dbba4d4ec09e7cf

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 07:53:20 GMT
server: nginx/1.17.6
x-amz-cf-pop: DUS51-C1
etag: W/"5f2d0870-16b22"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: _Qs58dtnPM32KWLhckRm526f9Lj_3Skyersf16r-ccAAUH932TaauQ==
via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)

GET
H2 200 MenloPattern_LandingPAge_Menlo_Transparent_Pattern_LP.png
info.menlosecurity.com/rs/281-OWV-899/images/ 10 KB
10 KB 743ms
743ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.menlosecurity.com/rs/281-OWV-899/images/MenloPattern_LandingPAge_Menlo_Transparent_Pattern_LP.png

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ece654744b48532ff76ec389b4a50fefde431ebb63ee2223379fb62f4193ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 10255
cf-request-id: 047bd3bc180000bd82c637f200000001
last-modified: Sat, 01 Aug 2020 04:53:46 GMT
server: cloudflare
etag: "c00895-280f-5abc9b0d3b857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5c0cbbd9c9cbbd82-AMS
expires: Mon, 10 Aug 2020 21:16:43 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=789892686&t=pageview&_s=1&dl=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_gid=1209088752.1597094143&gjid=1071425457&_v=j83&z=854372204
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_v=j83&z=854372204
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_v=j83&z=854372204&slf_rd=1&random=777150428

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_v=j83&z=854372204&slf_rd=1&random=777150428

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Aug 2020 21:15:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41161362-2&cid=1080907606.1597094143&jid=1215852610&_v=j83&z=854372204&slf_rd=1&random=777150428
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&url=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&time=1597094143005
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D474058%26url%3Dhttps%253A%252F%252Finfo.menlosecurity.com%252FRemote-Worker-CareP...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&url=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&time=1597094143005&liSync=true

0
57 B

168ms
167ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&url=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&time=1597094143005&liSync=true
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: okb9Y6kEKhbwBc6VQisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: S83nXKkEKhZgWCt1cysAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 7B822D4E2C6245F1AA95C969A1F22F8F Ref B: FRAEDGE1307 Ref C: 2020-08-10T21:15:43Z
x-frame-options: sameorigin
date: Mon, 10 Aug 2020 21:15:42 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&url=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&time=1597094143005&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 39ms
39ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 21:15:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Wed, 18 Nov 2020 21:15:43 GMT

GET
H2 200 1626328370711236 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1626328370711236?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08beaa07313da744baf946371045c87cb9de870198336d080e778f1c4256c7ee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134813
x-xss-protection: 0
pragma: public
x-fb-debug: ygEr+qRBCdpnvZ8WsTHbUsxYyahUA+kV+SQRu6lxQrSNggfCnswT3YOyh0YCy2Q19d4D0zr3CUhg9g8rXYKUdg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 10 Aug 2020 21:15:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 175ms
132ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx5nr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Mon, 10 Aug 2020 21:15:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 58c2f00376ecbf9abd373fb552777df3
x-transaction: 00deb52b00470035
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1626328370711236&ev=PageView&dl=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&rl=&if=false&ts=1597094143067&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597094143066.1242007471&it=1597094143015&coo=false&rqm=GET

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 10 Aug 2020 21:15:43 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin: https://info.menlosecurity.com

Response headers

date: Tue, 21 Jul 2020 14:16:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1753131
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 21 Jul 2021 14:16:52 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin: https://info.menlosecurity.com

Response headers

date: Fri, 07 Aug 2020 05:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 316198
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 07 Aug 2021 05:25:45 GMT

GET
H/1.1 200
OK visitWebPage Show response
281-owv-899.mktoresp.com/webevents/ 2 B
311 B 626ms
157ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://281-owv-899.mktoresp.com/webevents/visitWebPage?_mchNc=1597094143094&_mchCn=&_mchId=281-OWV-899&_mchTk=_mch-menlosecurity.com-1597094143093-13220&_mchHo=info.menlosecurity.com&_mchPo=&_mchRu=%2FRemote-Worker-CarePack.html&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 21:15:43 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 3de65618-57ea-463e-be70-2a9b895226ec

GET
H2 200 forms2.css
info.menlosecurity.com/js/forms2/css/ 13 KB
3 KB 187ms
186ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/css/forms2.css

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 2623
cf-request-id: 047bd3bc940000bd82c6387200000001
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "b60eb9-3437-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5c0cbbda8a4ebd82-AMS
expires: Tue, 11 Aug 2020 01:15:43 GMT

GET
H2 200 forms2-theme-simple.css
info.menlosecurity.com/js/forms2/css/ 826 B
746 B 181ms
180ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 242
cf-request-id: 047bd3bc950000bd82c6388200000001
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "b60ebe-33a-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5c0cbbda8a4fbd82-AMS
expires: Tue, 11 Aug 2020 01:15:43 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 68 KB
68 KB 17ms
17ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/Remote-Worker-CarePack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://info.menlosecurity.com

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
last-modified: Fri, 02 Nov 2018 15:17:23 GMT
server: NetDNA-cache/2.2
status: 200
etag: "659c4d58b00226541ef95c3a76e169c5"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 69608

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 177ms
136ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx5nr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Mon, 10 Aug 2020 21:15:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c4b53c63e6fd906e6fd1a93466af5eb4
x-transaction: 0072682000d824ca
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 modules.4716e7a2063e3577efe2.js Show response
script.hotjar.com/ 356 KB
70 KB 47ms
14ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.4716e7a2063e3577efe2.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1854968.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress3
Software: /
Resource Hash: 266735f457db00c21f638e96b57b85b5181ff4d8243b0582467085c97d102221

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: br
age: 13933
status: 200
section-io-cache: Hit
content-length: 70972
last-modified: Mon, 10 Aug 2020 17:19:58 GMT
etag: "ded7539834fa2bb007a8a12ac532e09d"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.024
section-io-id: 83d158901700924b6eddd9e7a848a352
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 395D 0
0 46ms
13ms Document
text/html 147.75.102.197
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1854968.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress11
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html

Response headers

status: 200
date: Mon, 10 Aug 2020 21:15:43 GMT
content-type: text/html
content-length: 851
last-modified: Mon, 27 Jul 2020 17:12:24 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.094
section-origin-responded: true
age: 1195412
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 695ffa70a99811fd4422ec728f85caf6

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1854968/ 178 B
320 B 97ms
35ms XHR
application/json 52.17.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1854968/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4716e7a2063e3577efe2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.192.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-192-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 widget-35106e0aedd43719b0b4e2e6234fcfc2.js Show response
app.hushly.com/assets/ 375 KB
115 KB 177ms
177ms Script
application/javascript 35.163.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/assets/widget-35106e0aedd43719b0b4e2e6234fcfc2.js
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/runtime/widget.js?aid=83162
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.4.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-4-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 0db017ba15dbf3a821622bdc49f95619484fc160e55a2791a3180d4518b46b5c

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:43 GMT
content-encoding: gzip
last-modified: Sat, 08 Aug 2020 05:25:50 GMT
etag: "widget-35106e0aedd43719b0b4e2e6234fcfc2.js"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=31536000
content-length: 116989

GET
H2 200 widget-3debd2836c7615aa196e9521148b33cf.css
app.hushly.com/assets/ 68 KB
12 KB 178ms
177ms Stylesheet
text/css 35.163.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/assets/widget-3debd2836c7615aa196e9521148b33cf.css
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-35106e0aedd43719b0b4e2e6234fcfc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.4.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-4-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6ad2dcf877b896cdeb9b23ab947549c5b9e9fb4aff8444d0a31d45b564e143bb

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:44 GMT
content-encoding: gzip
last-modified: Sat, 08 Aug 2020 05:25:50 GMT
etag: "widget-3debd2836c7615aa196e9521148b33cf.css"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: public, max-age=31536000
content-length: 11613

POST
H2 200 83162 Show response
app.hushly.com/runtime/widgets/ 4 KB
2 KB 559ms
210ms XHR
text/javascript 35.163.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/widgets/83162
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-35106e0aedd43719b0b4e2e6234fcfc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.4.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-4-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7a1b0ce7a7bf92c81fab2bb049dad708821fcbc11952795b94e1ccc12fefc6fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Mon, 10 Aug 2020 21:15:44 GMT
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://info.menlosecurity.com
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 83162 Show response
app.hushly.com/runtime/visitor/ 40 B
598 B 197ms
197ms Script
text/javascript 35.163.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/visitor/83162?callback=hushlyVisitorCallback&sid=a257792e-0259-48a1-83ab-128262a1146f&vid=4faaf960-ec56-430d-9cca-6fd51cd15071&version=2&hly-ip-address=&_=1597094144192
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-35106e0aedd43719b0b4e2e6234fcfc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.4.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-4-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: af232e1ae9f583f5fb475cfe676e90fd6283c68c21fb7aad3e0367a37b81520e

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 10 Aug 2020 21:15:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1626328370711236&ev=Microdata&dl=https%3A%2F%2Finfo.menlosecurity.com%2FRemote-Worker-CarePack.html&rl=&if=false&ts=1597094144571&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597094143066.1242007471&it=1597094143015&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 21:15:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 10 Aug 2020 21:15:44 GMT

GET
H2 200 83162 Show response
app.hushly.com/runtime/countries/ 75 KB
20 KB 178ms
178ms Script
text/javascript 35.163.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/countries/83162?callback=hushlyCountriesCallback&_=1597094144193
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-35106e0aedd43719b0b4e2e6234fcfc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.4.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-4-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 68b4b6fc343811ef9268a786ba1a6d45532277051d2db7804896df2b58a9b429

Request headers

Referer: https://info.menlosecurity.com/Remote-Worker-CarePack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 10 Aug 2020 21:15:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.menlosecurity.com/	1970-01-23 03:14:14	Name: _hly_vid Value: 4faaf960-ec56-430d-9cca-6fd51cd15071
info.menlosecurity.com/	1970-01-19 11:38:15	Name: _hjIncludedInPageviewSample Value: 1
info.menlosecurity.com/	1969-12-31 23:59:59	Name: _hly_sid Value: a257792e-0259-48a1-83ab-128262a1146f
.menlosecurity.com/	1969-12-31 23:59:59	Name: _hjid Value: ca1b9d5d-3dbb-435f-b834-b1e104117fa5
.menlosecurity.com/	1970-01-19 13:47:50	Name: _fbp Value: fb.1.1597094143066.1242007471
.menlosecurity.com/	1970-01-20 05:09:26	Name: _mkto_trk Value: id:281-OWV-899&token:_mch-menlosecurity.com-1597094143093-13220
.menlosecurity.com/	1970-01-20 05:09:26	Name: _ga Value: GA1.2.1080907606.1597094143
.menlosecurity.com/	1970-01-19 11:38:14	Name: _gat_UA-41161362-2 Value: 1
.info.menlosecurity.com/	1970-01-19 11:38:15	Name: __cf_bm Value: 33d5899d8378b27cbfe4a0b9929fea40e196938c-1597094143-1800-ATIkh3OHPPvT7sJpCyWLB29LxFpJbVXIQBuGEY54KCQ07v0tKuym//rYLfRwIHlxCMPMM06y3lSrPu/irIohlso=
.info.menlosecurity.com/	1970-01-19 12:21:26	Name: __cfduid Value: dc93c4b44e160e1fe4a3920e6acde9a721597094143
.menlosecurity.com/	1970-01-19 11:39:40	Name: _gid Value: GA1.2.1209088752.1597094143

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 281-OWV-899 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

281-owv-899.mktoresp.com
analytics.twitter.com
app.hushly.com
app.salesloft.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hubfront.hushly.com
in.hotjar.com
info.menlosecurity.com
munchkin.marketo.net
px.ads.linkedin.com
salesinfo.menlosecurity.com
script.hotjar.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
use.fontawesome.com
vars.hotjar.com
ws.zoominfo.com
www.facebook.com
www.fpoimg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.109.95.62
104.16.101.12
104.17.70.206
104.244.42.197
104.244.42.3
147.75.102.13
147.75.102.197
147.75.75.106
151.101.12.157
192.28.147.68
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
23.111.9.35
2600:9000:2182:ac00:13:a3bc:6800:93a1
2606:4700::6810:84e5
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200e
2a00:1450:4001:818::2013
2a00:1450:4001:821::2008
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9a
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.214.51.252
35.163.4.161
52.17.192.34
52.45.1.109
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
08beaa07313da744baf946371045c87cb9de870198336d080e778f1c4256c7ee
09639550a874d32e98cc1ed846697325d38b8e5b3c9f8ed0433e21bd90f820fb
0a2f1072d987f85fef0a303c97cf31cd8b059d6c01dbf4ba7b69e5d5bf9cc1f6
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d178c3f772f1d6f70e6ea219891ebdae84ce6e00a19c04b4e11c94fb4ee5a5a
0db017ba15dbf3a821622bdc49f95619484fc160e55a2791a3180d4518b46b5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1a2684adb4b431902ef03f7959757f5163ed2ddc548e216654fa7858b1f4fd9b
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
266735f457db00c21f638e96b57b85b5181ff4d8243b0582467085c97d102221
297c87a32ce981db24613f67f791283d5915192520bedcfc8943261797c9e22b
3d3966790f986f849844716bb7378d93f45fb1ce8c720def8308f87921569b6e
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
614c54f2480e7fc3f5efa2734b6d41c1276f905ee8384f21f34bed321cdb9ac2
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68b4b6fc343811ef9268a786ba1a6d45532277051d2db7804896df2b58a9b429
6ad2dcf877b896cdeb9b23ab947549c5b9e9fb4aff8444d0a31d45b564e143bb
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
79d7c12506baaa78b751683ac71141e414461777b27d63abd71546f0b9fa0486
7a1b0ce7a7bf92c81fab2bb049dad708821fcbc11952795b94e1ccc12fefc6fe
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8ece654744b48532ff76ec389b4a50fefde431ebb63ee2223379fb62f4193ca9
9d33d28eb4fa01365e32cd42d425a053e3c5fee4a438ff553b14a6495d914bdd
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af232e1ae9f583f5fb475cfe676e90fd6283c68c21fb7aad3e0367a37b81520e
c44313e8eaadcc3a9f9137338fb179657b8378b258af1f1a28b51c4185ec1a1f
cc5c4c3be3b8d20bd7df70e98e6ec31ca1f10a9ee024b6ea710b7eb628e48fbf
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17
f2ff7603e181dd6deabcc5f3df14aa93d5f60ef521bcd728c8b9530d0a2e254b
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fda2327ef25806f92bd51f508037ba34b2230e71496ef2927dbba4d4ec09e7cf
fdcd2790d37888153326c39b58c480b2b0e65bf8593ef61da50804c4ead7070d

info.menlosecurity.com Open in urlscan Pro 104.17.70.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

53 %IPv6

26 Domains

32 Subdomains

27 IPs

7 Countries

1285 kBTransfer

3112 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

info.menlosecurity.com Open in urlscan Pro
104.17.70.206 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

53 %
IPv6

26
Domains

32
Subdomains

27
IPs

7
Countries

1285 kB
Transfer

3112 kB
Size

11
Cookies

51 HTTP transactions
0 data transactions