Submitted URL: http://employeeportallog.shop/
Effective URL: https://employeeportallog.shop/
Submission: On August 05 via manual from US — Scanned from US

Summary

This website contacted 8 IPs in 1 country across 8 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::ac43:ce46, located in the United States and belonging to CLOUDFLARENET, US. The main domain is employeeportallog.shop.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time employeeportallog.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS      Autonomous System
1         2606:4700:303...    13335   (CLOUDFLAR...)
1         52.186.64.46        8075    (MICROSOFT...)
2         34.107.203.240      396982  (GOOGLE-CL...)
1         2607:f8b0:400...    15169   (GOOGLE)
7         34.120.132.252      396982  (GOOGLE-CL...)
2         2001:4860:480...    15169   (GOOGLE)
3         2607:f8b0:400...    15169   (GOOGLE)
3         35.192.151.63       396982  (GOOGLE-CL...)
Total: 20 requests, 8 IPs
Requests  Apex Domain             Subdomains                                          Transfer
7         lpcontent.net           user.lpcontent.net (Cisco Umbrella Rank: 233974)    22 KB
3         leadpages.io            api.leadpages.io (Cisco Umbrella Rank: 76565)       1 KB
3         gstatic.com             fonts.gstatic.com                                   86 KB
2         center.io               js.center.io (Cisco Umbrella Rank: 85223)           5 KB
2         leadpages.net           static.leadpages.net (Cisco Umbrella Rank: 82238)   29 KB
1         googleapis.com          fonts.googleapis.com (Cisco Umbrella Rank: 110)     1 KB
1         shown.io                shown.io (Cisco Umbrella Rank: 474350)              3 KB
1         employeeportallog.shop  employeeportallog.shop                              20 KB
Total: 20 requests, 8 domains
Requests  Domain                  Requested by
7         user.lpcontent.net      employeeportallog.shop
3         api.leadpages.io        js.center.io
3         fonts.gstatic.com       fonts.googleapis.com
2         js.center.io            employeeportallog.shop, js.center.io
2         static.leadpages.net    employeeportallog.shop
1         fonts.googleapis.com    employeeportallog.shop
1         shown.io                employeeportallog.shop
1         employeeportallog.shop
Total: 20 requests, 8 domains

This site contains no links.

Subject                   Issuer  Validity                  Valid     Source
employeeportallog.shop    WE1     2024-07-29 - 2024-10-27   3 months  crt.sh
blog.shown.io             R10     2024-07-25 - 2024-10-23   3 months  crt.sh
static.leadpages.net      WR3     2024-08-02 - 2024-11-01   3 months  crt.sh
upload.video.google.com   WR2     2024-07-30 - 2024-10-22   3 months  crt.sh
user.lpcontent.net        WR3     2024-06-10 - 2024-09-08   3 months  crt.sh
js.center.io              WR3     2024-06-23 - 2024-09-21   3 months  crt.sh
*.gstatic.com             WR2     2024-07-30 - 2024-10-22   3 months  crt.sh
*.leadpages.io            R3      2024-05-14 - 2024-08-12   3 months  crt.sh

This page contains 2 frames:

Primary Page: https://employeeportallog.shop/
Frame ID: 506A5FC916C011168AD8078B7480F80C
Requests: 19 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: DFD64E59D865C5FE6E89CB7B77A0C888
Requests: 1 HTTP requests in this frame

Page Title

HCM

Page URL History

  1. http://employeeportallog.shop/ HTTP 307
    https://employeeportallog.shop/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 50 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 1
Transfer: 168 kB
Size: 347 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
employeeportallog.shop/
Redirect Chain
  • http://employeeportallog.shop/
  • https://employeeportallog.shop/
102 KB
20 KB
Document
General
Full URL
https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:ce46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca7aa2d96eb960ac7afede98c3111a36cd4bdb556b26e248616f429392f0ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ae2df401d501001-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Aug 2024 01:04:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDGCFGWKYuYtIDlrlwiMAoadsxtffmLbL4rTgMBFOryTfwxGXqdtgEQEHwYeUsCP118hbudU7JBgjtM5wZ7nvHZSb6%2FqXIUpC2ATXdKRADqGvT17qv5BL1gs4o4345dOwTzC8N%2FYasCqHNbwfgU3sf8pLyto"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://employeeportallog.shop/
Non-Authoritative-Reason
HttpsUpgrades
7Z8EDdwQ3w
shown.io/metrics/
4 KB
3 KB
Script
General
Full URL
https://shown.io/metrics/7Z8EDdwQ3w
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.186.64.46 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
29eacb5ef99d02d5b8f885e299a68268b3cdd0c77fe8d7c362ec6b5ba2ccdbba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-response-id
09211ffc-8eee-4e9f-a405-c4e6cf960672
content-length
1547
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Apache/2.4.52 (Ubuntu)
etag
"d64f8c7a56633db55bbe85dcff13c785-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-ratelimit-remaining
149
cache-control
max-age=2628000, public
feature-policy
none
x-ratelimit-limit
150
access-control-allow-headers
Upgrade-Insecure-Requests
all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/
100 KB
26 KB
Stylesheet
General
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 03:35:26 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
1286930
etag
"-6uIpg"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
090aaaf02916e1c58d884815670bbcae
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26836
expires
Mon, 21 Jul 2025 03:35:26 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Syne:300,400,500,700|Space+Mono:300,400,500,700|DM+Sans:300,400,500,700
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36163e805c23af619f46559dcac607c7ed5f55675a57fcfe32d5bdfd881e5e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Aug 2024 01:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Aug 2024 01:04:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Aug 2024 01:04:16 GMT
tHLTsMqnSw77aTfWFETVM2
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
1 KB
2 KB
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/tHLTsMqnSw77aTfWFETVM2
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e919dafd74d12a41d9d9f0b1e9c2f53d11e73af2c13a6e5297def8db2ce6cd45

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:13:00 GMT
via
1.1 google
age
3076
x-guploader-uploadid
AHxI1nMmtVS4FUB48KTacTHJj9IxlRqBvFgVv8Rwy2nIDo76F21dXewgLGTZevsEae0_xl3eo4o
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
last-modified
Mon, 06 May 2024 20:48:22 GMT
server
UploadServer
etag
"8ecd75aee8b1b58e1499a47d3d7067a7"
x-goog-generation
1715028502094404
x-goog-hash
crc32c=hO+lnw==, md5=js11ruixtY4UmaR9PXBnpw==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
1304
accept-ranges
bytes
expires
Mon, 05 Aug 2024 01:13:00 GMT
6xNLpPniYPwEpS8LGqXL52
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
3 KB
3 KB
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/6xNLpPniYPwEpS8LGqXL52
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
83ea1f5514eca8c191f1b77ab5c1959cf85620a2a05df0f698a6fabfce235c89

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:13:00 GMT
via
1.1 google
age
3076
x-guploader-uploadid
AHxI1nNIFst_mPqPEXPdF959kistNGBPmJCV2lDP9L7NYiloTdu71j-9o4-ZWMXO6zOjVnux9i8
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2593
last-modified
Mon, 06 May 2024 20:48:17 GMT
server
UploadServer
etag
"7b7033e56625454cf562e5cae1174285"
x-goog-generation
1715028497319760
x-goog-hash
crc32c=ZYAneA==, md5=e3Az5WYlRUz1YuXK4RdChQ==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
2593
accept-ranges
bytes
expires
Mon, 05 Aug 2024 01:13:00 GMT
4T2zpfApdhALrMhTwECKX7
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
1 KB
2 KB
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/4T2zpfApdhALrMhTwECKX7
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87054a32542e16a8962bfbd40210eb51ef32602c3e0854f31e86cf1b4d6d5644

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:13:00 GMT
via
1.1 google
age
3076
x-guploader-uploadid
AHxI1nOOZzqwTGgMssCY9ilc7jeBCy_tG884Fl8MPPKn9Jg-TjnNgcboywraQ994w6_ZjulfrSk
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1384
last-modified
Mon, 06 May 2024 20:48:19 GMT
server
UploadServer
etag
"6d7afc2e6028ccaac9864ab3a0d30ab3"
x-goog-generation
1715028499784884
x-goog-hash
crc32c=HFdK7g==, md5=bXr8LmAozKrJhkqzoNMKsw==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
1384
accept-ranges
bytes
expires
Mon, 05 Aug 2024 01:13:00 GMT
gjPB6pNp6eG7BVRYTGsJTJ
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
2 KB
2 KB
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/gjPB6pNp6eG7BVRYTGsJTJ
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3ba1870cfa04a74e1e93ab5714f1c708b410e77978adb22ce0a5192e4c2b595a

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:13:00 GMT
via
1.1 google
age
3076
x-guploader-uploadid
AHxI1nP-X-pw2vdj2vmK2r4HASW1rmFbBV8VAIB3qHJLgyr78QRrKew8NGGCDZ-eGRR098q8RgI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1803
last-modified
Mon, 06 May 2024 20:48:16 GMT
server
UploadServer
etag
"a5404dcc034d5a648f1e8cc2ccd0e6a8"
x-goog-generation
1715028496268762
x-goog-hash
crc32c=pcB5QA==, md5=pUBNzANNWmSPHozCzNDmqA==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
1803
accept-ranges
bytes
expires
Mon, 05 Aug 2024 01:13:00 GMT
center.js
js.center.io/
12 KB
5 KB
Script
General
Full URL
https://js.center.io/center.js
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:00:55 GMT
content-encoding
gzip
server
Google Frontend
age
201
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
68bb9786d1be761f80ae5accc85e283c
cache-control
public, max-age=300
content-length
5417
expires
Mon, 05 Aug 2024 01:05:55 GMT
BNb7LgJ9PXEz3kcHFke9C4
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
10 KB
10 KB
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/BNb7LgJ9PXEz3kcHFke9C4
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0ded5a8bf45bdc6f83e5b1f1f02d390aa18e97c0492d45f5ce6c3c413248d19a

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:04:16 GMT
via
1.1 google
age
0
x-guploader-uploadid
AHxI1nPzfjAFUzHxWNxcNpfC_hOD09mpnZzjPp80lBcOJKS4eZretKHS8jAHbRcAoIVZqKmeoOg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
last-modified
Mon, 06 May 2024 21:01:50 GMT
server
UploadServer
etag
"e4d9d1f2eb493b4bdfe8b101fa366046"
x-goog-generation
1715029310538876
x-goog-hash
crc32c=azdXmg==, md5=5NnR8utJO0vf6LEB+jZgRg==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
10518
accept-ranges
bytes
expires
Mon, 05 Aug 2024 02:04:16 GMT
RRVbNYwmmXnd2ErgkAJz73
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
521 B
550 B
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/RRVbNYwmmXnd2ErgkAJz73
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
71863c88421243caab55457e78c5ca265593a6142579a6199836a6f929f7197b

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:13:00 GMT
via
1.1 google
age
3076
x-guploader-uploadid
AHxI1nPiA1AjBybIlPeDPWRCMrWNstJ5x3IOfQRVUFx1FEotRPyhf05iCgnFKTodx6zML-8UHig
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
521
last-modified
Mon, 06 May 2024 21:07:30 GMT
server
UploadServer
etag
"023470b41b7c6207ad1f2cba3d18c2dd"
x-goog-generation
1715029650081608
x-goog-hash
crc32c=d9fdUQ==, md5=AjRwtBt8YgetHyy6PRjC3Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
521
accept-ranges
bytes
expires
Mon, 05 Aug 2024 01:13:00 GMT
MJco8HvQt6vKuCekrDQuqT
user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/
3 KB
3 KB
Image
General
Full URL
https://user.lpcontent.net/images/BseGA4UKcwpy6Qa5TbGG76/MJco8HvQt6vKuCekrDQuqT
Requested by
Host: employeeportallog.shop
URL: https://employeeportallog.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.132.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d103f8de271e5d8a07cfb02ae6ad86cee2727e201fe26fcbfc0088c212c625e2

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:04:16 GMT
via
1.1 google
age
0
x-guploader-uploadid
AHxI1nOWz2N7E5tWrIAUWXQt9M93cROD_kNsCXsspEtV_7HqtpcuII5VoFRKIzH0lkyHNgszXAE
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2756
last-modified
Mon, 06 May 2024 20:45:27 GMT
server
UploadServer
etag
"8f2650b308fa93a78e1de1cdb5c3ad75"
x-goog-generation
1715028327102060
x-goog-hash
crc32c=Le4MXw==, md5=jyZQswj6k6eOHeHNtcOtdQ==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
2756
accept-ranges
bytes
expires
Mon, 05 Aug 2024 02:04:16 GMT
8vIH7w4qzmVxm2BL9A.woff2
fonts.gstatic.com/s/syne/v22/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/syne/v22/8vIH7w4qzmVxm2BL9A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Syne:300,400,500,700|Space+Mono:300,400,500,700|DM+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9229ab12d7aa296f54276f883c0447e7c77205a25e250d6dba499c49b759e829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employeeportallog.shop
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 10:28:00 GMT
x-content-type-options
nosniff
age
138976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34636
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:51:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Aug 2025 10:28:00 GMT
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/
36 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Syne:300,400,500,700|Space+Mono:300,400,500,700|DM+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employeeportallog.shop
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 14:12:02 GMT
x-content-type-options
nosniff
age
125534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36848
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Aug 2025 14:12:02 GMT
i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2
fonts.gstatic.com/s/spacemono/v13/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spacemono/v13/i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Syne:300,400,500,700|Space+Mono:300,400,500,700|DM+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe8b511426ee346147ad35a0ee8d29058919cc5327a304078d8c011d01e31d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employeeportallog.shop
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 12:47:07 GMT
x-content-type-options
nosniff
age
130629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16180
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 15:14:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Aug 2025 12:47:07 GMT
identify.html
js.center.io/ Frame DFD6
0
0
Document
General
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://employeeportallog.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
29
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Mon, 05 Aug 2024 01:03:47 GMT
etag
"OMWYXg"
expires
Mon, 05 Aug 2024 01:08:47 GMT
server
Google Frontend
x-cloud-trace-context
c836427ebe3b80505a0c10deca88caf0
capture
api.leadpages.io/analytics/v1/events/
35 B
685 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=XA2M6hb5Gr6Ef82aoTC5zP&v=&e=&st=&lc=en-US&pid=s4weMburJGHaxZptpDscAY-default-prop&uid=ApRtygh55ijDGVmw59sDQ3&sid=f4YUBh9YvtWTN8JGpt7Hik&cid=lp-XA2M6hb5Gr6Ef82aoTC5zP&uri=https%3A%2F%2Femployeeportallog.shop%2F&rf=&rx=1600&ry=1200&tz=-10%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 05 Aug 2024 01:04:17 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://employeeportallog.shop
X-Forwarded-For
162.245.206.246
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00pb6j6b932ugk43pmj0
capture
api.leadpages.io/analytics/v1/observations/
35 B
357 B
Image
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,133,624,774,194,803,1144,1622,1861,1861
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 05 Aug 2024 01:04:17 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
162.245.206.246
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00pb6j79sbtsu6qs6qc0
favicon.ico
static.leadpages.net/images/
15 KB
3 KB
Other
General
Full URL
https://static.leadpages.net/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:00:01 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
256
etag
"-6uIpg"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-cloud-trace-context
7a708abcc1a45af8babd8b1a8f6cc15b
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2594
expires
Mon, 05 Aug 2024 01:05:01 GMT
capture
api.leadpages.io/analytics/v1/observations/
35 B
447 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=2nhgPKvbi7PQ6YiFctDJx4&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=252.10000038146973,226.89999961853027,1,389.6000003814697
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://employeeportallog.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 05 Aug 2024 01:04:21 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://employeeportallog.shop
X-Forwarded-For
162.245.206.246
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00pb6k6iod8lej5g97hg


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
string    LeadPagesCenterObject
function  center
object    sup
object    shown

1 Cookies

Domain/Path: .api.leadpages.io/analytics/v1/events/capture
Name: view.s4weMburJGHaxZptpDscAY-default-prop.XA2M6hb5Gr6Ef82aoTC5zP
Value: 1722819857000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.