employeeportal.store Open in urlscan Pro
104.21.71.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://employeeportal.store/
Submission: On March 06 via automatic, source certstream-suspicious (March 6th 2023, 4:57:45 am UTC) — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 104.21.71.154, located in and belongs to CLOUDFLARENET, US. The main domain is employeeportal.store.
TLS certificate: Issued by GTS CA 1P5 on February 18th 2023. Valid for: 3 months.

This is the only time employeeportal.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	104.21.71.154 104.21.71.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	104.16.92.80 104.16.92.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
31	4

21 104.21.71.154 (None, )

ASN13335 (CLOUDFLARENET, US)

employeeportal.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.92.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab13.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	employeeportal.store employeeportal.store	327 KB
5	gstatic.com fonts.gstatic.com	92 KB
3	marketo.com app-ab13.marketo.com — Cisco Umbrella Rank: 286758	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
31	4

	Domain	Requested by
21	employeeportal.store	employeeportal.store
5	fonts.gstatic.com	fonts.googleapis.com
3	app-ab13.marketo.com	employeeportal.store app-ab13.marketo.com
2	fonts.googleapis.com	employeeportal.store
31	4

This site contains no links.

Subject Issuer	Validity	Valid
*.employeeportal.store GTS CA 1P5	`2023-02-18` - `2023-05-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
app-ab13.marketo.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://employeeportal.store/
Frame ID: C6B20515ABC8230100A86D89F2B5C978
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Testament Of Youth Movie Cover

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

427 kB
Transfer

1250 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
employeeportal.store/ 106 KB
26 KB 243ms
117ms Document
text/html 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bcfbd9b3ee85109455f61b45bc7547b0dcea1a4bfc799b179a89b1fbf022f90

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a3804e30a0d6931-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Mar 2023 04:57:39 GMT
last-modified: Sun, 05 Mar 2023 16:00:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YpgoT%2BPUvAcrGy3MPe%2BK%2ByFjRyo9TSaeykNeKQepvfDeOnOHdU5uTwAZ%2B7Z6z2OOsN7NCJdrSou6JMTpzecS54ERF5R7AuPHD%2BQWZw7da4OlAV2WarM76Ls2tmku2QF%2Fi5k74nOow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
employeeportal.store/wp-includes/css/dist/block-library/ 93 KB
13 KB 111ms
103ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBXk3vQYtSumSikILZSG%2B046vK6%2FvC96Dr811yh1swn%2FIuXoNbNJCYOiYx38NXLyTIamMyR5Ufs84zehcAFoPodjI5Hvgbi%2Ba1n532xO15nUkLb%2FuU4PN%2BO39yj0Hz5ba%2BUYHo3lFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea8e6931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
employeeportal.store/wp-includes/css/ 217 B
494 B 102ms
94ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6OkV55l14mX%2BWrKBkVnov72kyzQ44Fv4aoSlnYdVDeNd1bc%2FOCFhBUWOfNhzxJYf%2F9jTEMSeFeomDZwpUcP6lQU29Jj%2B1Fz%2FOCERsL0SYlo4Pl%2Fp7tv3I8a8WIA8sJzngTxIdA3%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea906931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie-law-info-public.css
employeeportal.store/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1 KB 106ms
98ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr5%2FVccpw0imUS4xmtQJjQHBQspy490Wj8%2BIYDwVGjS3j1sWw4PRaWGDD3p%2BT4r78rQafECe0PYP5fwTb2juVOAVoHPymv8qIvKjyFIYOFTsXIeNoSf4bIfso0J8Ftqg3NfuDMY2Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea926931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie-law-info-gdpr.css
employeeportal.store/wp-content/plugins/cookie-law-info/public/css/ 27 KB
5 KB 109ms
102ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v5xJWGhU%2BCFm5EUdf9LND62Reh%2BIytDw2zr40U0fE9VPBoORypAQinNzAR1XX5NyJ%2BfNShW5GndMIPI0lwsqXjbeG%2FVHipDfjMvZr9o0AnPnUbj5bNZ%2BK1xavYo93zLTvhlDDgNIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea936931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main-bb4cb8209b.css
employeeportal.store/wp-content/themes/msa/dist/styles/ 228 KB
38 KB 136ms
129ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deafad01a5a282f272b90d6176881d244ca467f777b74667d260a24d4c568147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeeJ3de%2F3AVVPk3gpdZl9nxznFpahBvfGhdLgCgQi3tDRqQbD0eZkO74GFx2VB526ElQmTplAdtVCfS8fqsgWsC3nn5Z6QkWjN8UdnDF3Eeq7bpNdAFxPHmz4M9p%2B1So0uOrrX%2FsGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea946931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 148ms
53ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800

Requested by

Host: employeeportal.store
URL: https://employeeportal.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 03:45:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 04:57:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
545 B 149ms
54ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C300%2C400%2C600%2C700

Requested by

Host: employeeportal.store
URL: https://employeeportal.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

433f47db89230c8c02053048cf53fe586630b55c97bec385ac359e7249b26d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 02:59:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 04:57:39 GMT

GET
H2 200 js_composer.min.css
employeeportal.store/wp-content/plugins/js_composer/assets/css/ 474 KB
46 KB 173ms
167ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn8XFpL4w%2FkeCzsSAan3KB7VfhvYttG7TYIoTubEVyo%2Fy7z72BcFj5h6Lqm8oWt%2FY7U92aHu34BWRSGMQI61W3UMFDtrtWZJ9ls%2BLi%2FE0DvLgdU6z%2FjjTNbmWfYTPlVME1jkrK2c4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea956931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 addtoany.min.css
employeeportal.store/wp-content/plugins/add-to-any/ 1 KB
717 B 102ms
96ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odKZYoSJS9l8vzgz%2BwGzypl3ikhW%2FwrhZgUzfuPphFq23C0tpDFCOyZbQSiXXFUpb2aOWIO2W8uPpjVZV3GhhYXkgnQRegO7egJDNidz6whl9CHeUZbNX5Tyl5oOR1IwsUlBMZA4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea966931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
employeeportal.store/wp-content/themes/msa/ 377 B
493 B 103ms
97ms Stylesheet
text/css 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/themes/msa/style.css
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f526d9a20f05c2c1e143787a2c76b1ab0b4ae8c80015dda0108303911221e77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAxHo0ACYvNISraj8kHR5DoMrNsqd6qZp06cL0h%2BZ%2Bkd8I1U8oqsqNlQlhCQ8Ou0E5tgwAESi5JZCCj43njN4UUcUKc29P51ET%2FoHKyIcX3ZmWujSpj8amhzpr47gVp7uTsGU6VbWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e3ea986931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 forms2.css
app-ab13.marketo.com/js/forms2/css/ 13 KB
3 KB 364ms
146ms Stylesheet
text/css 104.16.92.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/js/forms2/css/forms2.css

Requested by

Host: employeeportal.store
URL: https://employeeportal.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 12 Jan 2023 20:56:20 GMT
server: cloudflare
etag: "5008fc-3437-5f217594de500"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a3804e53f8391d1-FRA
content-length: 2623
expires: Mon, 06 Mar 2023 08:57:39 GMT

GET
H2 200 forms2-theme-inset.css
app-ab13.marketo.com/js/forms2/css/ 3 KB
1 KB 365ms
147ms Stylesheet
text/css 104.16.92.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/js/forms2/css/forms2-theme-inset.css

Requested by

Host: employeeportal.store
URL: https://employeeportal.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Thu, 12 Jan 2023 20:56:20 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: "5008f9-d86-5f217594de500"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a3804e53f8491d1-FRA
content-length: 953
expires: Mon, 06 Mar 2023 08:57:39 GMT

GET
H2 200 5b58b53.jpg
employeeportal.store/ 68 B
427 B 98ms
95ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/5b58b53.jpg
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsFxogPRvdIQpqi6pPe7FUvxQx396HOGp7WW%2FwRMfYWJ4YVyZuqUw2WZDX7jaf3pQy1gRTnhXMk1KRT37mBvLJHzD2meEAZK%2B0DJYMk7dBsRMyXo9R49ESFKe5xxL5e6eNS62uu4ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e3ea996931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 de045d1.png
employeeportal.store/ 68 B
344 B 101ms
98ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/de045d1.png
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee%2BBimbSaLXs%2Fr9cuYX5JW0n0HM2J4EqWX%2BpLf8II5ffpFlyceJAuLetla275UAOxMMRpWtvFb6mxUiOUkf34VzsoeJfzaC9DAl8%2FiYNfN4ES9DGTKOdOgelMdkCXcW3keVPvLmWjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e3ea9a6931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 f95b09d.png
employeeportal.store/ 68 B
438 B 149ms
146ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/f95b09d.png
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCo6iNw3WzMJUH77RzbKvyLqEsABPTQEX979Ed6L2oOzbCATB7UNN7peIzdkQuz%2FNMZ7rL4ke8MWBcyOhaxXERTAyDP3oEEZE009L2Idpa7DaDa%2FC7kl5AjYwdyfbegZDzj65GjW%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e42ad46931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 16e776a.png
employeeportal.store/ 68 B
345 B 148ms
145ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/16e776a.png
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FH02FpMyKwRnfZTR9IRywZIjaHsRuhLgOuS1XIJwABDsF2ftLAd3XPvFKtTC4LlTl%2ByHoU3aDd%2B9bWxjavNJzkoSoeVthDxRnIzqFIiV5Tkvtnk7wUQJcnyIg8NnKdZfKQ8Nrw4LxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e42ad56931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 85bc535.png
employeeportal.store/ 68 B
342 B 147ms
145ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/85bc535.png
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN0I7dNNeG6z3jLourNYjKR6BfwWrG9n4P7LWK%2F80wrsBHVesL9KPyozN7fWgdiMtwcmRdVbravdxae807U0pKEuNDfdsbkobRSIy7GuHprnTO7svDtVeH%2BFUsnacPvO5voE%2FH9Cyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e42ad66931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 7592574.png
employeeportal.store/ 68 B
349 B 150ms
147ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/7592574.png
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcO%2FzECBzwenfe1%2Bd5dZ6ud9sZa8sP%2B%2F2j8WqyH7RwGk2lPPAXnOPbJzJzAxJN4bodhKiYtkCP2vkNHWNTgrv%2BZBCCk5eBk0J2%2BO4phkuuQTTkSQAYJADXlL3hxY4cqprqT5xhXu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e42ad76931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 dd6f47f.jpg
employeeportal.store/ 68 B
344 B 149ms
146ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/dd6f47f.jpg
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMZL8EkurRDsQAOa6trtULNR%2F4nw6Q3sIKvit9FMq%2BGSsnkAED7ctBCHWcGJAjWMhQhXdmoeBipImSLmrF9yEwWXshmiSspWFj8sLZct%2BMiogv9ZiQa1vbhXXF14yq0osjeYL8h%2BPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e42ad86931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H2 200 df9d71.png
employeeportal.store/ 68 B
347 B 149ms
147ms Image
image/png 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/df9d71.png
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jYet%2BrWP%2FFiElfZsWM6xks9fllp7ENScFr07NsmzVQJ15gsRHKwVnov8pu8aNc6K5ba%2B9sBFjdGT8pIKoYBwGrzV7CRFHY%2BzJyL56TPUAaSY8w3o%2BsCUlnqKysLgBSxT%2FVlgrhDmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
cf-ray: 7a3804e42ad96931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 04:57:39 +0000

GET
H3 200 Altair-io4-Application-Man-Over-Shoulder_920x425.jpg
employeeportal.store/wp-content/uploads/2021/11/ 48 KB
48 KB 169ms
167ms Image
image/jpeg 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeportal.store/wp-content/uploads/2021/11/Altair-io4-Application-Man-Over-Shoulder_920x425.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13a823a4c2f5489378f1ecf052cebbdee2ae368104005b644df1d6849f92e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeeportal.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4piAZTq7gX7aay1kcxIqjdUacaGlxfZIkf2%2FDq6VQT2yUuTFZnj7TsX15qdkz86sgLSPA9tnaoJ%2F5ij6RIkYkwUG%2Feo4thXfTJFACjIltfek%2F9c8gRfswrqi%2BM%2BbvSUIF%2FqU3pRpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e6482f9a0f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 arrow-down-bk.png
app-ab13.marketo.com/js/forms2/images/ 1 KB
1 KB 162ms
146ms Image
image/png 104.16.92.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app-ab13.marketo.com/js/forms2/images/arrow-down-bk.png

Requested by

Host: app-ab13.marketo.com
URL: https://app-ab13.marketo.com/js/forms2/css/forms2-theme-inset.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-ab13.marketo.com/js/forms2/css/forms2-theme-inset.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 12 Jan 2023 20:56:20 GMT
server: cloudflare
etag: "12a068b-415-5f217594de500"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a3804e6585891d1-FRA
content-length: 1045
expires: Mon, 06 Mar 2023 08:57:39 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
13 KB 152ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C300%2C400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:51:52 GMT
x-content-type-options: nosniff
age: 227147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12384
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 13:51:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 198ms
89ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 345126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 05:05:33 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 224ms
115ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C300%2C400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:21:19 GMT
x-content-type-options: nosniff
age: 243380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:21:19 GMT

GET
H3 200 fa-regular-400.woff2
employeeportal.store/wp-content/themes/msa/dist/fonts/ 15 KB
15 KB 104ms
98ms Font
font/woff2 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/themes/msa/dist/fonts/fa-regular-400.woff2
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48810f2ca5c1a9cb285177a493b18a3ca22c177afeb9b242a592788eafc606f2

Request headers

Referer: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6ZJSOQBALtGkWF0dKnOJqM76lXH69%2BAWNvQ9pFl3%2Fa2%2BF0DD3u6%2BIkwWkdt2nLRjNHDNjIy2QTcSLfFRjmeemxMNfmYtUMlRJmHGRcjC4EKPNcD6%2BcqJONMZ9FkqooZhjR9DoRUxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e668439a0f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 184ms
79ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C300%2C400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:14:18 GMT
x-content-type-options: nosniff
age: 290601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 20:14:18 GMT

GET
H3 200 fa-solid-900.woff2
employeeportal.store/wp-content/themes/msa/dist/fonts/ 66 KB
66 KB 191ms
186ms Font
font/woff2 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/themes/msa/dist/fonts/fa-solid-900.woff2
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Bc4qZA8MVmLCtcGviOImDAA7v8wMp55ebWBUvWMgG%2Fxr%2FfiJkV%2BpZPFwb0jb1gTvXVF7J8VruFYjCeKjDwGCJhXnvw%2FOdtwBLnPUL8L398weyW5fRYiwZafSYWQ52C39%2FNVekg32g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e668449a0f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 154ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web%3A200%2C300%2C400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:32:02 GMT
x-content-type-options: nosniff
age: 361537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:32:02 GMT

GET
H3 200 fa-brands-400.woff2
employeeportal.store/wp-content/themes/msa/dist/fonts/ 64 KB
64 KB 231ms
227ms Font
font/woff2 104.21.71.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeportal.store/wp-content/themes/msa/dist/fonts/fa-brands-400.woff2
Requested by: Host: employeeportal.store
URL: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.71.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Referer: https://employeeportal.store/wp-content/themes/msa/dist/styles/main-bb4cb8209b.css
Origin: https://employeeportal.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:57:39 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 04:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBxIaCl04EFRzbWlfqW7LMl0ovlmtKL0hJWfAPTRewQWGp4nFDljMahuGw1N0hCVlzHqldbGyPczEsagcKVJhT70pS4smtNGmcaNH956vktZEtSo3gxc%2FOlM2x44ygj512yJ9QaXgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2; charset=
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7a3804e668489a0f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app-ab13.marketo.com/	1970-01-20 10:08:00	Name: __cf_bm Value: VhmjiZzdG9_T1yPkIf50dJfZix_xs9I63HlukWhzQ00-1678078659-0-AZy2/l2EdNHjl1aV0pjFEVvuo/66rOKcrr178VRDJB6mUeG0coFpEoQSWUXLzd5kjP5CHSdICZnsQsxHOKQjPYI=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-ab13.marketo.com
employeeportal.store
fonts.googleapis.com
fonts.gstatic.com
104.16.92.80
104.21.71.154
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
1bcfbd9b3ee85109455f61b45bc7547b0dcea1a4bfc799b179a89b1fbf022f90
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
433f47db89230c8c02053048cf53fe586630b55c97bec385ac359e7249b26d7d
48810f2ca5c1a9cb285177a493b18a3ca22c177afeb9b242a592788eafc606f2
53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f
d13a823a4c2f5489378f1ecf052cebbdee2ae368104005b644df1d6849f92e28
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
deafad01a5a282f272b90d6176881d244ca467f777b74667d260a24d4c568147
f526d9a20f05c2c1e143787a2c76b1ab0b4ae8c80015dda0108303911221e77e
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

employeeportal.store Open in urlscan Pro 104.21.71.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

427 kBTransfer

1250 kBSize

1 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

employeeportal.store Open in urlscan Pro
104.21.71.154 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

427 kB
Transfer

1250 kB
Size

1
Cookies

31 HTTP transactions
0 data transactions