urlscan.io logo urlscan.io
SecurityTrails logo

safe.menlosecurity.com Open in urlscan Pro
52.59.184.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin.mirasafe.com/
Effective URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Submission: On July 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 52.59.184.77, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is safe.menlosecurity.com. The Cisco Umbrella rank of the primary domain is 141488.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 14th 2024. Valid for: a year.
This is the only time safe.menlosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.85.77.83 16509 (AMAZON-02)
8 52.9.247.249 16509 (AMAZON-02)
11 52.59.184.77 16509 (AMAZON-02)
19 2
Apex Domain
Subdomains		 Transfer
19 menlosecurity.com
admin.menlosecurity.com
safe.menlosecurity.com — Cisco Umbrella Rank: 141488
eu-central-1-029060369-view.menlosecurity.com
4 MB
1 mirasafe.com
admin.mirasafe.com
217 B
19 2
Domain Requested by
9 eu-central-1-029060369-view.menlosecurity.com safe.menlosecurity.com
eu-central-1-029060369-view.menlosecurity.com
8 admin.menlosecurity.com admin.menlosecurity.com
2 safe.menlosecurity.com
1 admin.mirasafe.com 1 redirects
19 4

This site contains no links.

Subject Issuer Validity Valid
*.menlosecurity.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-14 -
2025-06-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://safe.menlosecurity.com/safeview-auth-server/login?form
Frame ID: EF55E6050C67FB0DD1C10AB2178EC230
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Menlo Security

Page URL History Show full URLs

  1. https://admin.mirasafe.com/ HTTP 307
    https://admin.menlosecurity.com/ Page URL
  2. https://safe.menlosecurity.com/safeview-auth-server/login?form Page URL

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

2
Countries

3599 kB
Transfer

3649 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.mirasafe.com/ HTTP 307
    https://admin.menlosecurity.com/ Page URL
  2. https://safe.menlosecurity.com/safeview-auth-server/login?form Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://admin.mirasafe.com/ HTTP 307
  • https://admin.menlosecurity.com/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admin.menlosecurity.com/
Redirect Chain
  • https://admin.mirasafe.com/
  • https://admin.menlosecurity.com/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1a0d3a393a6d233ec7d5cd7d1c4fceadfad5f78fb6fedbb603e3cb16d2f51b4c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
1037
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Content-Type
text/html
Date
Wed, 10 Jul 2024 07:13:48 GMT
ETag
"667d0282-40d"
Last-Modified
Thu, 27 Jun 2024 06:11:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-UA-Compatible
IE=edge

Redirect headers

Connection
keep-alive
Content-Length
180
Content-Type
text/html
Date
Wed, 10 Jul 2024 07:13:47 GMT
Location
https://admin.menlosecurity.com/
Server
nginx/1.18.0 (Ubuntu)
materialdesignicons.min.css
admin.menlosecurity.com/ap/assets/materialicons/css/ 		258 KB
259 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/ap/assets/materialicons/css/materialdesignicons.min.css
Requested by
Host: admin.menlosecurity.com
URL: https://admin.menlosecurity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
50daccd12ca882f545a0caec26c9b67da2806d4c0143db66ecd348f13a20113c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 07:13:48 GMT
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2024 06:40:42 GMT
ETag
"667d096a-406c0"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
263872
X-UA-Compatible
IE=edge
app.bundle.8f8d60d23f73c486d964.css
admin.menlosecurity.com/ 		225 KB
226 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/app.bundle.8f8d60d23f73c486d964.css
Requested by
Host: admin.menlosecurity.com
URL: https://admin.menlosecurity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e5e89f7045447683a68c58d63349872e0e6fbc11f73ecd7c1b72739ff482379c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 07:13:48 GMT
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2024 06:11:14 GMT
ETag
"667d0282-38512"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
230674
X-UA-Compatible
IE=edge
app_config.js
admin.menlosecurity.com/conf/ 		92 B
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/conf/app_config.js
Requested by
Host: admin.menlosecurity.com
URL: https://admin.menlosecurity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
76fdd4e2c7059cd7b2bd7743334f9eacbed468c2b6eb0bae086d9826e1976cdb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://admin.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 07:13:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Connection
keep-alive
Content-Length
92
Content-Type
application/x-javascript
app.bundle.8f8d60d23f73c486d964.js
admin.menlosecurity.com/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/app.bundle.8f8d60d23f73c486d964.js
Requested by
Host: admin.menlosecurity.com
URL: https://admin.menlosecurity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1ca5fd5d90fd248a737833588ca0dd5d5df6485b7985d521436637bc2c0a489f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 07:13:48 GMT
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2024 06:11:14 GMT
ETag
"667d0282-2f8f41"
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3116865
X-UA-Compatible
IE=edge
auth_params
admin.menlosecurity.com/api/auth/v1/ 		316 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/api/auth/v1/auth_params
Requested by
Host: admin.menlosecurity.com
URL: https://admin.menlosecurity.com/app.bundle.8f8d60d23f73c486d964.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
6d649c3f49f317ac21f9b1688a8ab5ef0320fdfdeade2f1ce04722e2f7913d21
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Wed, 10 Jul 2024 07:13:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src 'none'; form-action 'none'; sandbox;
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Connection
keep-alive
Content-Length
316
favicon.png
admin.menlosecurity.com/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://admin.menlosecurity.com/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd77082aace50c3c7cf35d3b76ad9a417dfef73a81f6f2125049223addadc583
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 07:13:50 GMT
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2024 06:11:14 GMT
ETag
"667d0282-6a9"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1705
X-UA-Compatible
IE=edge
c8ba2588048094aac13ae986b7716123.png
admin.menlosecurity.com/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.menlosecurity.com/img/c8ba2588048094aac13ae986b7716123.png
Requested by
Host: admin.menlosecurity.com
URL: https://admin.menlosecurity.com/app.bundle.8f8d60d23f73c486d964.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.247.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-247-249.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.menlosecurity.com/app.bundle.8f8d60d23f73c486d964.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 07:13:51 GMT
Content-Security-Policy
default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2024 06:11:14 GMT
ETag
"667d0282-33c7"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13255
X-UA-Compatible
IE=edge
Primary Request login
safe.menlosecurity.com/safeview-auth-server/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
15065215a71ad4e6832f9112f681c0c42768c481ea64c593e11feedb0cf4d630
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' https://eu-central-1-029060369-view.menlosecurity.com; img-src 'self' data: https://eu-central-1-029060369-view.menlosecurity.com; style-src 'self' https://eu-central-1-029060369-view.menlosecurity.com; font-src 'self' https://eu-central-1-029060369-view.menlosecurity.com; connect-src 'self' https://eu-central-1-029060369-inspect.menlosecurity.com https://eu-central-1-029060369-view.menlosecurity.com https://xhr-eu-central-1-029060369-view.menlosecurity.com; frame-ancestors 'none'; base-uri 'none'; report-uri /safeview-client-logger/csp-violation;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://admin.menlosecurity.com
Referer
https://admin.menlosecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
7266
content-security-policy
default-src 'none'; script-src 'self' https://eu-central-1-029060369-view.menlosecurity.com; img-src 'self' data: https://eu-central-1-029060369-view.menlosecurity.com; style-src 'self' https://eu-central-1-029060369-view.menlosecurity.com; font-src 'self' https://eu-central-1-029060369-view.menlosecurity.com; connect-src 'self' https://eu-central-1-029060369-inspect.menlosecurity.com https://eu-central-1-029060369-view.menlosecurity.com https://xhr-eu-central-1-029060369-view.menlosecurity.com; frame-ancestors 'none'; base-uri 'none'; report-uri /safeview-client-logger/csp-violation;
content-type
text/html; charset=UTF-8
date
Wed, 10 Jul 2024 07:13:51 GMT
expires
-1
p3p
CP="None specified"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Language
x-content-type-options
nosniff
x-frame-options
deny
x-ua-compatible
IE=edge
fonts.css
eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/ 		3 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/fonts.css?v=2.90.0-120063-1-g7bf2b402ad
Requested by
Host: safe.menlosecurity.com
URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2b799f12d81aca84213022ed8c7bb4c909ab6b33fb9ee6515e9cd21585d793ca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 07:13:51 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-df7"
x-frame-options
deny
content-type
text/css
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
auth-new.css
eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/ 		21 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
Requested by
Host: safe.menlosecurity.com
URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3abf70932cd031ed00abf3a96942d4f9fe977391cb1181f4b01076b76039a51d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 07:13:51 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-53be"
x-frame-options
deny
content-type
text/css
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
client-side-redirect.js
eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/ 		1 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/client-side-redirect.js?v=2.90.0-120063-1-g7bf2b402ad
Requested by
Host: safe.menlosecurity.com
URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c7f571523fb6d6af312369709da87456e21ee689fa751635ccaffef22f79aaab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 07:13:51 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-40b"
x-frame-options
deny
content-type
application/javascript
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
form-serializer.js
eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/ 		856 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/form-serializer.js?v=2.90.0-120063-1-g7bf2b402ad
Requested by
Host: safe.menlosecurity.com
URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
13e37a887c6545067c5322d6eff470ba86bd495f8c0c60eaa8993bfc3729cadb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 07:13:51 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-358"
x-frame-options
deny
content-type
application/javascript
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
login.js
eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/login.js?v=2.90.0-120063-1-g7bf2b402ad
Requested by
Host: safe.menlosecurity.com
URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
45a7a4687fc2a8ed6e7ab0cb5412dfc2052d3a519860a062679fada4c64aa309
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 07:13:51 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-565a"
x-frame-options
deny
content-type
application/javascript
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
font_smoothing.js
eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/scripts/font_smoothing.js?v=2.90.0-120063-1-g7bf2b402ad
Requested by
Host: safe.menlosecurity.com
URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1261d3a7fd4f8886c3ff1ac3e08b0b005e6167fafab81ee2da4974e60782fb64
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 07:13:51 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-40e"
x-frame-options
deny
content-type
application/javascript
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
menlo-logo-admin.png
eu-central-1-029060369-view.menlosecurity.com/safeview-static/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/img/menlo-logo-admin.png
Requested by
Host: eu-central-1-029060369-view.menlosecurity.com
URL: https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
70cbf52afc726ff09e8b745af450e37db91b2a7bf00dd1468e77cbc0afdad88b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Wed, 10 Jul 2024 07:13:50 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-1bf1"
x-frame-options
deny
content-type
image/png
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
input-icons.png
eu-central-1-029060369-view.menlosecurity.com/safeview-static/img/ 		16 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/img/input-icons.png
Requested by
Host: eu-central-1-029060369-view.menlosecurity.com
URL: https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
389e61c168af86b17a7a3bd6a1398c734d37ba8a6dfc9c16b9d0cf4820a72144
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Wed, 10 Jul 2024 07:13:50 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-3e36"
x-frame-options
deny
content-type
image/png
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
menlo-logo-horizontal.png
eu-central-1-029060369-view.menlosecurity.com/safeview-static/img/ 		13 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/img/menlo-logo-horizontal.png
Requested by
Host: eu-central-1-029060369-view.menlosecurity.com
URL: https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9d0adbbf33f71ecfabd3ae76b0793053c66fce90bae002cfd0aaa30ca83e1201
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://eu-central-1-029060369-view.menlosecurity.com/safeview-static/css/auth-new.css?v=2.90.0-120063-1-g7bf2b402ad
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Wed, 10 Jul 2024 07:13:50 GMT
date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-33c7"
x-frame-options
deny
content-type
image/png
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-ua-compatible
IE=edge
favicon.ico
safe.menlosecurity.com/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://safe.menlosecurity.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.59.184.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-184-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d59b04c4dbb30156dc56921fa4027b4c6925026cddd87a2b1b612ba38f426349
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://safe.menlosecurity.com/safeview-auth-server/login?form
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; form-action 'none'; sandbox;
last-modified
Tue, 18 Jun 2024 17:31:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
etag
W/"6671c47c-3c2e"
x-frame-options
deny
content-type
image/x-icon
cross-origin-resource-policy
cross-origin

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clientSideRedirect function| formToObject function| cookieDaysToExpires function| getCookie function| setCookie function| removeCookie string| REGISTER_REDIRECT_COOKIE function| getParam function| getParamSafe function| paramsToObject function| changeVisibility function| setElementAttribute function| removeElementAttribute function| addToSearchComponent function| generatePnrURL function| doRedirect function| loginButtonEnable function| redirectToThirdPartyCookieGuidancePage function| isVpnAuth function| doLoginResp function| doLoginXHR function| doITokXHR function| addFormField function| doIntegrityLevelLoginPost function| prepareUIComponents function| doLoginInfoXHR function| tenantLookupComplete function| tenantLookup function| loginName function| setPromptText function| loginPass function| startLogin

1 Cookies

Domain/Path Name / Value
admin.menlosecurity.com/ Name: _Host-pnr-state
Value: 3dfe001f-08a6-4eb1-ae4c-bdb536233113

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://admin.menlosecurity.com/#/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation warning URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Message:
[DOM] Found 2 elements with non-unique id #param_csrf_token: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://safe.menlosecurity.com/safeview-auth-server/login?form
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; form-action safe.menlosecurity.com 'self'; font-src 'self'; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5128430597832704.storage.googleapis.com; img-src 'self' data: cdn.pendo.io app.pendo.io pendo-static-5128430597832704.storage.googleapis.com data.pendo.io; connect-src 'self' app.pendo.io data.pendo.io pendo-static-5128430597832704.storage.googleapis.com;script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY