federalemployeebenefitcoordinators.com Open in urlscan Pro
146.66.78.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://federalemployeebenefitcoordinators.com/
Submission: On November 24 via manual (November 24th 2019, 8:51:57 pm UTC) from US

Summary HTTP 61 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 61 HTTP transactions. The main IP is 146.66.78.158, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is federalemployeebenefitcoordinators.com.

This is the only time federalemployeebenefitcoordinators.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11 43	146.66.78.158 146.66.78.158	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
5	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
9	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	18.218.95.216 18.218.95.216	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
61	9

43 146.66.78.158 (Chicago, United States) 11 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)

federalemployeebenefitcoordinators.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gpswp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gpswp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.218.95.216 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-218-95-216.us-east-2.compute.amazonaws.com

leadify.gradientps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	federalemployeebenefitcoordinators.com federalemployeebenefitcoordinators.com	229 KB
21	gpswp.com 11 redirects gpswp.com www.gpswp.com	689 KB
9	google.com www.google.com	612 B
7	gstatic.com www.gstatic.com fonts.gstatic.com	178 KB
5	googleapis.com fonts.googleapis.com	3 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	fontawesome.com use.fontawesome.com	271 KB
2	gradientps.com leadify.gradientps.com	15 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	30 KB
61	9

	Domain	Requested by
22	federalemployeebenefitcoordinators.com	federalemployeebenefitcoordinators.com
20	gpswp.com	11 redirects federalemployeebenefitcoordinators.com
9	www.google.com	federalemployeebenefitcoordinators.com www.gstatic.com
6	fonts.gstatic.com	federalemployeebenefitcoordinators.com use.fontawesome.com
5	fonts.googleapis.com	federalemployeebenefitcoordinators.com
2	www.google-analytics.com	federalemployeebenefitcoordinators.com
2	use.fontawesome.com	federalemployeebenefitcoordinators.com
2	leadify.gradientps.com	federalemployeebenefitcoordinators.com
2	maxcdn.bootstrapcdn.com	federalemployeebenefitcoordinators.com
1	www.gstatic.com	www.google.com
1	www.gpswp.com	federalemployeebenefitcoordinators.com
61	11

This site contains links to these domains. Also see Links.

Domain
thefinancialhq.com
www.generationalvault.com
vimeo.com
goo.gl
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
leadify.gradientps.com Let's Encrypt Authority X3	`2019-11-03` - `2020-02-01`	3 months	crt.sh
gpswp.com Let's Encrypt Authority X3	`2019-11-22` - `2020-02-20`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://federalemployeebenefitcoordinators.com/
Frame ID: 7E2286282B9A087C1A1D1F179539A985
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=82t8941gwiw4
Frame ID: 0E4BE3092C8651DD970D6DAFB883610F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=cth13s496ubb
Frame ID: 139FF8B2C39F0647245B6EE79AF2774C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=rbyv5qgxoo84
Frame ID: F291C9FD4157FF697C9D28BFECA3EEF6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=uj17dvd4e361
Frame ID: 085EF4671D9AA17DD173A0A0E6FB5B85
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=dt48g1qxyy5k
Frame ID: 1C43DD47E738F48562D4757B12FE50DC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=byhjk6s0d26h
Frame ID: E90657196724031808538EC7ED31E3F4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=97krwkjld927
Frame ID: 90902B632BC0656118049E213F3A137E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=e3e8ci2cqdpu
Frame ID: 8EF3FA815E517E60944106D08E15C8AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

61
Requests

59 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

1429 kB
Transfer

2423 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://thefinancialhq.com/inman.financial
Title: Inman Financial

Search URL Search Domain Scan URL

URL: https://www.generationalvault.com/Login/?d3ksXGXxD7oIF5IUPLLpZNJpKcMfrIi8rdijbZHOqo8%3d
Title: Vault Login

Search URL Search Domain Scan URL

URL: http://thefinancialhq.com/febc
Title: Get Your Score!

Search URL Search Domain Scan URL

URL: https://vimeo.com/62799803

Search URL Search Domain Scan URL

URL: https://vimeo.com/88908146

Search URL Search Domain Scan URL

URL: https://vimeo.com/89404346

Search URL Search Domain Scan URL

URL: https://vimeo.com/93490705

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/ucPvB5WXygw
Title: View map and directions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FederalEmplyeeBenefitsCoordinators

Search URL Search Domain Scan URL

URL: https://twitter.com/FEBCoordinators

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F HTTP 301
https://gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F HTTP 301
https://www.gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F

Request Chain 18

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-5.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-5.jpg

Request Chain 20

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-6.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-6.jpg

Request Chain 21

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-7.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-7.jpg

Request Chain 22

http://gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/ss-max-large.jpg HTTP 301
https://gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/ss-max-large.jpg

Request Chain 23

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/fed_ben_photo.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/fed_ben_photo.jpg

Request Chain 24

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/emp-women-vid.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/emp-women-vid.jpg

Request Chain 25

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/bene-review-vid.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/bene-review-vid.jpg

Request Chain 26

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/writ-retirement-vid.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/writ-retirement-vid.jpg

Request Chain 27

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/elizabeth_footer_smaller.jpg HTTP 301
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/elizabeth_footer_smaller.jpg

Request Chain 48

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 55

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1225251415&t=pageview&_s=1&dl=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Federal%20Employee%20Benefit%20Coordinators&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1987693434&gjid=680248368&cid=1860263431.1574628701&tid=UA-78444336-48&_gid=208841662.1574628701&_r=1&z=2011126439 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1225251415&t=pageview&_s=1&dl=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Federal%20Employee%20Benefit%20Coordinators&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1987693434&gjid=680248368&cid=1860263431.1574628701&tid=UA-78444336-48&_gid=208841662.1574628701&_r=1&z=2011126439

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
federalemployeebenefitcoordinators.com/ 63 KB
11 KB 488ms
369ms Document
text/html 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: da28e0731312d1732eafb812ed524114e608b245d87b63f8f4902b4d0b93417e

Request headers

Host: federalemployeebenefitcoordinators.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Server: nginx
Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 10824
Connection: keep-alive
X-Cache-Enabled: False
Link: <http://federalemployeebenefitcoordinators.com/wp-json/>; rel="https://api.w.org/", <http://federalemployeebenefitcoordinators.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15552000
Expires: Fri, 22 May 2020 20:51:39 GMT
X-Proxy-Cache: MISS
alt-svc: quic=":443"; ma=86400; v="43,39"

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Quattrocento+Sans%3A400%2C400italic%2C700%2C700italic&ver=5.2.3

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b958d775a5db3514a847f77d56b93f59d55e60e4f2232dcce94f2f510ef04f26

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Nov 2019 20:51:39 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Sun, 24 Nov 2019 20:51:39 GMT

GET
H/1.1 200
OK bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 21ms
12ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:34:07 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639647"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 19879

GET
H/1.1 200
OK animate.css
federalemployeebenefitcoordinators.com/wp-content/themes/advisor9/css/ 67 KB
4 KB 108ms
104ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/themes/advisor9/css/animate.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jan 2017 18:52:32 GMT
Server: nginx
ETag: "10cbc-54662eb4f18ef-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 4103
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK style.css
federalemployeebenefitcoordinators.com/wp-content/themes/inman-child/ 16 KB
4 KB 205ms
107ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/themes/inman-child/style.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 65eab28856be0c97b03af0a60972b7e7581a87cb87ab5eac602b1f63e6545b7f

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2017 18:33:50 GMT
Server: nginx
ETag: "408a-5603d023f0258-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 3322
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK vaForm.css
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-va-form/css/ 306 B
599 B 205ms
107ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-va-form/css/vaForm.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6644850da8fec33dfb5cd5df12062fcaa49d052f320294db2642f3c6f822f72f

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2016 22:06:39 GMT
Server: nginx
ETag: "132-5355855f3f9c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 175
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK style.min.css
federalemployeebenefitcoordinators.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 205ms
107ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 15:54:38 GMT
Server: nginx
ETag: "726f-5925d27a1e15e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 4767
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK gps-simple-events.css
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-events/lib/css/ 306 B
621 B 203ms
105ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-events/lib/css/gps-simple-events.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: d3019d3dc38ca038ee23f0745f55d5eb697aa82a3e6ad31f1f880f57f8e6893b

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2015 14:15:16 GMT
Server: nginx
ETag: "132-519bcd5db0500-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 197
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK gps-slider.css
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/css/ 4 KB
2 KB 203ms
105ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/css/gps-slider.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 51396c7bd442ff3169a0448dd3c1510513523ea0f259c5febaa0a8cafca591e0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2015 14:15:34 GMT
Server: nginx
ETag: "f58-519bcd6edad80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1228
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK jquery.js Show response
federalemployeebenefitcoordinators.com/wp-includes/js/jquery/ 95 KB
33 KB 216ms
107ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-includes/js/jquery/jquery.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 15:54:38 GMT
Server: nginx
ETag: "17a69-5925d27a11255-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 33776
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
federalemployeebenefitcoordinators.com/wp-includes/js/jquery/ 10 KB
4 KB 311ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2016 17:12:38 GMT
Server: nginx
ETag: "2748-53d1bc4d0335f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 4014
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 14ms
7ms Script
text/javascript 2001:4de0:ac19::1:b:1a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:33:51 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639631"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 9743

GET
H/1.1 200
OK recaptcha-multiple-callback.js Show response
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-va-form/js/ 565 B
745 B 311ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-va-form/js/recaptcha-multiple-callback.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 80f849f65bfa7026c42f8f8eafbcce666f88467ee4dcff1d8200b2ec14f157a0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2016 20:43:13 GMT
Server: nginx
ETag: "235-541711f23049d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 307
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 788 B
612 B 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

2eae20aa387087cfb6460353835ac44d92a9ab0670a00f51e64c49419b791d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 485
x-xss-protection: 1; mode=block
expires: Sun, 24 Nov 2019 20:51:39 GMT

GET
H2 200 vaForm.bundle.min.js Show response
leadify.gradientps.com/js/ 45 KB
14 KB 861ms
96ms Script
application/javascript 18.218.95.216
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://leadify.gradientps.com/js/vaForm.bundle.min.js

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.218.95.216 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-218-95-216.us-east-2.compute.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

02d284edebfa486387da21f3461a27e4060dae8e4ffd1283d3ab673483f220ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2019 22:19:57 GMT
server: nginx/1.15.6
etag: W/"5c88308d-b555"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 leadify Show response
leadify.gradientps.com/api/ 1 KB
735 B 957ms
193ms Script
application/javascript 18.218.95.216
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://leadify.gradientps.com/api/leadify

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.218.95.216 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-218-95-216.us-east-2.compute.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

ea111662c47257cf68a486228bd8a4c366a45e9c75a63f74ac5d42265a176893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.15.6
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
x-ratelimit-remaining: 59
cache-control: no-cache, private
x-ratelimit-limit: 60
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK vaForm.js Show response
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-va-form/js/ 1 KB
994 B 311ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-va-form/js/vaForm.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 809574da221097620620cad5669337a2b59d0435dfd5c69899fd121b874aee32

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2016 13:10:23 GMT
Server: nginx
ETag: "542-53da5334d4829-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 556
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H/1.1 200
OK magnific-popup-v0.9.9.js Show response
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-lightbox/lib/ 17 KB
7 KB 311ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-lightbox/lib/magnific-popup-v0.9.9.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e7383840321c3a90c085f63a9745dd29045089612153c1722456cfeeb8efdbf4

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2015 14:15:32 GMT
Server: nginx
ETag: "43ec-519bcd6cf2900-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 6433
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H2

200

/ Show response
www.gpswp.com/
Redirect Chain

http://gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F
https://gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F
https://www.gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F

0
187 B

554ms
356ms

Script
text/html

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
server: nginx
x-cache-enabled: False
status: 200
cache-control: max-age=15552000
x-proxy-cache: MISS
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 0
expires: Fri, 22 May 2020 20:51:40 GMT

Redirect headers

date: Sun, 24 Nov 2019 20:51:40 GMT
server: nginx
x-redirect-by: WordPress
location: https://www.gpswp.com/?dm=1032123d748dbec390e01c966c4686b6&action=load&blogid=393&siteid=1&t=1109449156&back=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F
x-cache-enabled: False
status: 301
cache-control: max-age=15552000
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=86400; v="43,39"
x-proxy-cache: MISS
expires: Fri, 22 May 2020 20:51:40 GMT

GET
H2

200

Slide-5.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-5.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-5.jpg

149 KB
149 KB

497ms
197ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-5.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9172a03f3a355a03d7cca16712cc739d5fb1599d7a42e94bc2aee0dbd875fae6

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:40 GMT
last-modified: Thu, 07 Jul 2016 19:32:49 GMT
server: nginx
etag: "25416-53710c05a4685"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 152598
expires: Mon, 23 Nov 2020 20:51:40 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-5.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 426
X-Proxy-Cache: MISS

GET
H/1.1 200
OK Final_Logo_1outlines.png
federalemployeebenefitcoordinators.com/wp-content/uploads/sites/393/ 47 KB
47 KB 107ms
107ms Image
image/png 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/uploads/sites/393/Final_Logo_1outlines.png
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: eb833072c4becd49700a7bed735b751ae06ba2859316436154bdbbfb165738b6

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Last-Modified: Fri, 27 Oct 2017 15:46:19 GMT
Server: nginx
ETag: "bc01-55c89309b2cb7"
Content-Type: image/png
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 48129
Expires: Mon, 23 Nov 2020 20:51:40 GMT

GET
H2

200

Slide-6.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-6.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-6.jpg

220 KB
220 KB

113ms
113ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-6.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 90fabbac2f5ab50b27db05f43a278bd4dbf188b4d09aafddfc63e41ff496aac9

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:40 GMT
last-modified: Thu, 07 Jul 2016 19:46:51 GMT
server: nginx
etag: "36fb5-53710f284e56c"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 225205
expires: Mon, 23 Nov 2020 20:51:40 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-6.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 426
X-Proxy-Cache: MISS

GET
H2

200

Slide-7.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-7.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-7.jpg

142 KB
143 KB

171ms
171ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-7.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e1403ae72c09d17e544b0163c08d5ab2408285230573d4e703fbd8d1804d937e

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:40 GMT
last-modified: Thu, 07 Jul 2016 19:51:17 GMT
server: nginx
etag: "2393c-53711025e5a45"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 145724
expires: Mon, 23 Nov 2020 20:51:40 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/Slide-7.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 426
X-Proxy-Cache: MISS

GET
H2

200

ss-max-large.jpg
gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/
Redirect Chain

http://gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/ss-max-large.jpg
https://gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/ss-max-large.jpg

48 KB
48 KB

113ms
113ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/ss-max-large.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ccc5cf4f2f1d1a2882e1161364818eb53040b04614cafb19959d1d4607ba05ab

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
last-modified: Mon, 29 Feb 2016 20:26:04 GMT
server: nginx
etag: "be5b-52cee75380f00"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 48731
expires: Mon, 23 Nov 2020 20:51:41 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/planwell-retirewell/wp-content/uploads/sites/355/ss-max-large.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 416
X-Proxy-Cache: MISS

GET
H2

200

fed_ben_photo.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/fed_ben_photo.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/fed_ben_photo.jpg

82 KB
83 KB

115ms
115ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/fed_ben_photo.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: f4cb9a73b01eb1d052d5fb56d7ab517f123a9ae93a1781c775d9c703d4b07d90

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
last-modified: Fri, 29 Jul 2016 15:01:29 GMT
server: nginx
etag: "14939-538c7867b080b"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 84281
expires: Mon, 23 Nov 2020 20:51:41 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/fed_ben_photo.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 432
X-Proxy-Cache: MISS

GET
H2

200

emp-women-vid.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/emp-women-vid.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/emp-women-vid.jpg

7 KB
7 KB

110ms
110ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/emp-women-vid.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: c946ac518bef20206a213357e1430e937232b4193c3eae705422304dd3be56e9

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
last-modified: Wed, 21 Sep 2016 15:27:33 GMT
server: nginx
etag: "1a80-53d062f29f68d"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 6784
expires: Mon, 23 Nov 2020 20:51:41 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/emp-women-vid.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 432
X-Proxy-Cache: MISS

GET
H2

200

bene-review-vid.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/bene-review-vid.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/bene-review-vid.jpg

11 KB
12 KB

109ms
109ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/bene-review-vid.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b6eb84efad9de0cc8f3d624456b824ab7cd63875c8f2097dac6489e0fb4e5672

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
last-modified: Wed, 21 Sep 2016 15:27:29 GMT
server: nginx
etag: "2d92-53d062eebdfd0"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 11666
expires: Mon, 23 Nov 2020 20:51:41 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/bene-review-vid.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 434
X-Proxy-Cache: MISS

GET
H2

200

writ-retirement-vid.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/writ-retirement-vid.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/writ-retirement-vid.jpg

9 KB
9 KB

109ms
109ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/writ-retirement-vid.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: efe664548d3d6d5c47817d69ee1fd1de70d167f23d3248486fddf0d5f7d495d9

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
last-modified: Wed, 21 Sep 2016 15:27:37 GMT
server: nginx
etag: "2380-53d062f5d9591"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 9088
expires: Mon, 23 Nov 2020 20:51:41 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/writ-retirement-vid.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 438
X-Proxy-Cache: MISS

GET
H2

200

elizabeth_footer_smaller.jpg
gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/
Redirect Chain

http://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/elizabeth_footer_smaller.jpg
https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/elizabeth_footer_smaller.jpg

14 KB
14 KB

111ms
110ms

Image
image/jpeg

146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/elizabeth_footer_smaller.jpg
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: edc90ba94faed9ccd983acd248bfca3e3815c7c111e5ef6f50c19b03ddb70691

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:41 GMT
last-modified: Fri, 14 Oct 2016 18:42:18 GMT
server: nginx
etag: "3798-53ed795fd54ea"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-proxy-cache: MISS
accept-ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
content-length: 14232
expires: Mon, 23 Nov 2020 20:51:41 GMT

Redirect headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://gpswp.com/federalemployeebenefitcoordinators/wp-content/uploads/sites/393/elizabeth_footer_smaller.jpg
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 443
X-Proxy-Cache: MISS

GET
H/1.1 200
OK lightbox.css
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-lightbox/lib/ 8 KB
2 KB 109ms
108ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-lightbox/lib/lightbox.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 625dc74c109fe702b02bb2945c756c165e4dcce73f9eca7918df60294b459c76

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2015 14:15:32 GMT
Server: nginx
ETag: "1e2d-519bcd6cf2900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1933
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.0/js/ 630 KB
266 KB 21ms
6ms Script
text/javascript 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.0/js/all.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 350f72771ceaf9b8392c1646cf2b9f495599c1d5ab31f63a0e709ade6cc336de

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Dec 2017 19:22:56 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"21ce922d27f08ab492775ab1fd68e0d8"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 v4-shims.js Show response
use.fontawesome.com/releases/v5.0.0/js/ 15 KB
5 KB 8ms
7ms Script
text/javascript 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.0/js/v4-shims.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f311a60e6dc6a10d4c2baeff8eeb0997e47111d909a004c6e075c7c5041bc8a9

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 20:51:40 GMT
content-encoding: gzip
last-modified: Fri, 01 Dec 2017 19:22:59 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"fc8b8db94aa8c5c0fbc1de49a6083ae3"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/js/ 19 KB
5 KB 106ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/js/jquery.bxslider.min.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2015 14:15:36 GMT
Server: nginx
ETag: "4b9f-519bcd70c3200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 5162
Expires: Mon, 23 Nov 2020 20:51:40 GMT

GET
H/1.1 200
OK gps-slider-script.js Show response
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/js/ 797 B
808 B 106ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/js/gps-slider-script.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48a29b986d22aa87ad20a18a360c54ef9dc025cecb28df7d652c419d7cfc3235

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Oct 2015 20:04:17 GMT
Server: nginx
ETag: "31d-5228ec4435240-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 370
Expires: Mon, 23 Nov 2020 20:51:40 GMT

GET
H/1.1 200
OK new-tab.min.js Show response
federalemployeebenefitcoordinators.com/wp-content/plugins/page-links-to/js/ 4 KB
3 KB 106ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/page-links-to/js/new-tab.min.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Oct 2019 22:30:22 GMT
Server: nginx
ETag: "f3f-596142971dce9-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 2285
Expires: Mon, 23 Nov 2020 20:51:40 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
federalemployeebenefitcoordinators.com/wp-includes/js/ 1 KB
1 KB 105ms
105ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-includes/js/wp-embed.min.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 15:54:37 GMT
Server: nginx
ETag: "57b-5925d27a00c9c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 753
Expires: Mon, 23 Nov 2020 20:51:40 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
federalemployeebenefitcoordinators.com/wp-includes/js/ 14 KB
5 KB 107ms
106ms Script
application/javascript 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 15:54:38 GMT
Server: nginx
ETag: "3610-5925d27a102b5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 4622
Expires: Mon, 23 Nov 2020 20:51:41 GMT

GET
H/1.1 200
OK style.css
federalemployeebenefitcoordinators.com/wp-content/themes/advisor9/ 4 KB
2 KB 108ms
106ms Stylesheet
text/css 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/themes/advisor9/style.css
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 233668384335efecc6c31ffd291dcdfd6829fd4f84d220841df57b61607ce9e8

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jan 2017 18:53:01 GMT
Server: nginx
ETag: "11ef-54662ed0dcdf5-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1647
Expires: Mon, 23 Nov 2020 20:51:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
478 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One|Average

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

1a4563338926eaa016e8c38fee9023c0bda882618fc392f5c57ca2426f6a039a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 24 Nov 2019 20:51:39 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 24 Nov 2019 20:51:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 24 Nov 2019 20:51:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
460 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quattrocento:400,700

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d60a0feb2a6c3bd08f2ba805b62e3fd3b07328ab6618f295a47ec5aeeb3a9a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 24 Nov 2019 20:51:39 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 24 Nov 2019 20:51:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 24 Nov 2019 20:51:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
598 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,400italic,700,700italic

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2d6d6e99266b3f33992c4d2b55724e0c21c31cf24ba08962835891aba9dd3dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 24 Nov 2019 20:51:39 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 24 Nov 2019 20:51:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 24 Nov 2019 20:51:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1006 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d0a2c1198cb835d87461abc258a6a9fa6a94ec2a584fa22486d88ef08726bcbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 24 Nov 2019 20:51:39 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 24 Nov 2019 20:51:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 24 Nov 2019 20:51:39 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ 254 KB
91 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 23:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Nov 2019 05:06:47 GMT
server: sffe
age: 248733
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92852
x-xss-protection: 0
expires: Fri, 20 Nov 2020 23:46:08 GMT

GET
H/1.1 200
OK logo.png
federalemployeebenefitcoordinators.com/wp-content/themes/inman-child/i/ 80 KB
80 KB 111ms
111ms Image
image/png 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/themes/inman-child/i/logo.png
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: cc7f370fe58bcd41a0e91bbccc4808ce9e21ad1c685e3fa163c5f6cc17a3846c

Request headers

Referer: http://federalemployeebenefitcoordinators.com/wp-content/themes/inman-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Last-Modified: Fri, 01 Sep 2017 15:14:07 GMT
Server: nginx
ETag: "1407a-558223652a24c"
Content-Type: image/png
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 82042
Expires: Mon, 23 Nov 2020 20:51:41 GMT

GET
H2 200 va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXziirsI.woff2
fonts.gstatic.com/s/quattrocentosans/v12/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v12/va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXziirsI.woff2

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0ebedc5d14782d84bb4db09ad7a3d98834ec937c7ebe0f40519777e3aa19a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,400italic,700,700italic
Origin: http://federalemployeebenefitcoordinators.com

Response headers

date: Thu, 21 Nov 2019 07:14:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:42 GMT
server: sffe
age: 308224
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12496
x-xss-protection: 0
expires: Fri, 20 Nov 2020 07:14:37 GMT

GET
H2 200 nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v15/ 18 KB
18 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v15/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Playfair+Display:400,700|Abril+Fatface|Domine:400,700|Playfair+Display+SC:400,700|Vidaloka|Volkhov:400,700
Origin: http://federalemployeebenefitcoordinators.com

Response headers

date: Wed, 20 Nov 2019 08:09:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:25:20 GMT
server: sffe
age: 391328
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
expires: Thu, 19 Nov 2020 08:09:33 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v15/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v15/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e0c0e70dfa0b6e6611d9b6b13f4f2c25acc3c4c346e0ded5405a5fa4a40eceb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Playfair+Display:400,700|Abril+Fatface|Domine:400,700|Playfair+Display+SC:400,700|Vidaloka|Volkhov:400,700
Origin: http://federalemployeebenefitcoordinators.com

Response headers

date: Fri, 22 Nov 2019 01:40:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:57 GMT
server: sffe
age: 241845
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16972
x-xss-protection: 0
expires: Sat, 21 Nov 2020 01:40:56 GMT

GET
H2 200 va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt0_8H3HI.woff2
fonts.gstatic.com/s/quattrocentosans/v12/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v12/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt0_8H3HI.woff2

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d00fc11b123326589dd0628900e945f3b8a9cb194f63fc5a440481baed22ded4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,400italic,700,700italic
Origin: http://federalemployeebenefitcoordinators.com

Response headers

date: Wed, 20 Nov 2019 15:02:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:40 GMT
server: sffe
age: 366572
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12900
x-xss-protection: 0
expires: Thu, 19 Nov 2020 15:02:09 GMT

GET
H2 200 va9X4lja2NVIDdIAAoMR5MfuElaRB0zMj_bTDX7ojZkKR7A.woff2
fonts.gstatic.com/s/quattrocentosans/v12/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v12/va9X4lja2NVIDdIAAoMR5MfuElaRB0zMj_bTDX7ojZkKR7A.woff2

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

444484f55d2a5710a853b216e9c50cdde4f84e2cd7e036cb06b5dd8213885090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,400italic,700,700italic
Origin: http://federalemployeebenefitcoordinators.com

Response headers

date: Thu, 21 Nov 2019 18:05:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:48 GMT
server: sffe
age: 269158
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13184
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:05:43 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1084
date: Sun, 24 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 24 Nov 2019 22:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 va9a4lja2NVIDdIAAoMR5MfuElaRB0zMh032GFPKgLM.woff2
fonts.gstatic.com/s/quattrocentosans/v12/ 14 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v12/va9a4lja2NVIDdIAAoMR5MfuElaRB0zMh032GFPKgLM.woff2

Requested by

Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.0/js/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3e05ccd8fbcec56776be272014be193725482ab545b3d5a4f51c378a971fa4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,400italic,700,700italic
Origin: http://federalemployeebenefitcoordinators.com

Response headers

date: Thu, 21 Nov 2019 15:39:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:19 GMT
server: sffe
age: 277950
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14840
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:39:11 GMT

GET
H/1.1 200
OK bx_loader.gif
federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/img/ 8 KB
9 KB 108ms
108ms Image
image/gif 146.66.78.158
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/img/bx_loader.gif
Requested by: Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Server: 146.66.78.158 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Referer: http://federalemployeebenefitcoordinators.com/wp-content/plugins/gpswp-slider/lib/css/gps-slider.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Sun, 24 Nov 2019 20:51:41 GMT
Last-Modified: Tue, 30 Jun 2015 14:15:35 GMT
Server: nginx
ETag: "2185-519bcd6fcefc0"
Content-Type: image/gif
Cache-Control: max-age=31536000
X-Proxy-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 8581
Expires: Mon, 23 Nov 2020 20:51:41 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 0E4B 0
0 42ms
42ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=82t8941gwiw4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uZJFN8MMRRxhyfd9BvvXUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=82t8941gwiw4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-uZJFN8MMRRxhyfd9BvvXUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8678
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 139F 0
0 40ms
40ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p9z8N0BYIZEI8cddEeeqIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=cth13s496ubb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-p9z8N0BYIZEI8cddEeeqIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9305
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame F291 0
0 40ms
40ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h4Vz+xdhhY9yStyWxfXZMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=rbyv5qgxoo84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-h4Vz+xdhhY9yStyWxfXZMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8643
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 085E 0
0 54ms
54ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FketbDHKeUQOAsdG699CkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&co=aHR0cDovL2ZlZGVyYWxlbXBsb3llZWJlbmVmaXRjb29yZGluYXRvcnMuY29tOjgw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=compact&cb=uj17dvd4e361
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-FketbDHKeUQOAsdG699CkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9547
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1225251415&t=pageview&_s=1&dl=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Federal%20Employee%20Bene...
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1225251415&t=pageview&_s=1&dl=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Federal%20Employee%20Ben...

35 B
111 B

13ms
13ms

Image
image/gif

2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1225251415&t=pageview&_s=1&dl=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Federal%20Employee%20Benefit%20Coordinators&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1987693434&gjid=680248368&cid=1860263431.1574628701&tid=UA-78444336-48&_gid=208841662.1574628701&_r=1&z=2011126439

Requested by

Host: federalemployeebenefitcoordinators.com
URL: http://federalemployeebenefitcoordinators.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://federalemployeebenefitcoordinators.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Nov 2019 20:51:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1225251415&t=pageview&_s=1&dl=http%3A%2F%2Ffederalemployeebenefitcoordinators.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Federal%20Employee%20Benefit%20Coordinators&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1987693434&gjid=680248368&cid=1860263431.1574628701&tid=UA-78444336-48&_gid=208841662.1574628701&_r=1&z=2011126439
Non-Authoritative-Reason: HSTS

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 1C43 0
0 18ms
18ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=dt48g1qxyy5k

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1BIjuv5+RdFN9eWOkFx0+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=dt48g1qxyy5k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-1BIjuv5+RdFN9eWOkFx0+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame E906 0
0 29ms
28ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=byhjk6s0d26h

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nd1Kp9iNbrvV/W4UFJBuFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=byhjk6s0d26h
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-nd1Kp9iNbrvV/W4UFJBuFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 9090 0
0 19ms
19ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=97krwkjld927

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ogFf7ijY8JOzAfVTEeaOvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=97krwkjld927
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-ogFf7ijY8JOzAfVTEeaOvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1115
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 8EF3 0
0 29ms
28ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=e3e8ci2cqdpu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HSpK39/WANVcjJdARYksRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6Ldb3CMTAAAAAONkDMXQeeycFT1tKFMB2q4_E0wj&cb=e3e8ci2cqdpu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://federalemployeebenefitcoordinators.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://federalemployeebenefitcoordinators.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Nov 2019 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-HSpK39/WANVcjJdARYksRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1115
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.federalemployeebenefitcoordinators.com/	1970-01-19 05:23:48	Name: _gat Value: 1
.federalemployeebenefitcoordinators.com/	1970-01-19 05:25:15	Name: _gid Value: GA1.2.208841662.1574628701
.federalemployeebenefitcoordinators.com/	1970-01-19 22:55:00	Name: _ga Value: GA1.2.1860263431.1574628701

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://federalemployeebenefitcoordinators.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

federalemployeebenefitcoordinators.com
fonts.googleapis.com
fonts.gstatic.com
gpswp.com
leadify.gradientps.com
maxcdn.bootstrapcdn.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.gpswp.com
www.gstatic.com
146.66.78.158
18.218.95.216
2001:4de0:ac19::1:b:1a
23.111.9.35
2a00:1450:4001:800::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:825::200a
02d284edebfa486387da21f3461a27e4060dae8e4ffd1283d3ab673483f220ce
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
1a4563338926eaa016e8c38fee9023c0bda882618fc392f5c57ca2426f6a039a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
233668384335efecc6c31ffd291dcdfd6829fd4f84d220841df57b61607ce9e8
2d6d6e99266b3f33992c4d2b55724e0c21c31cf24ba08962835891aba9dd3dc9
2eae20aa387087cfb6460353835ac44d92a9ab0670a00f51e64c49419b791d82
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
350f72771ceaf9b8392c1646cf2b9f495599c1d5ab31f63a0e709ade6cc336de
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
3e05ccd8fbcec56776be272014be193725482ab545b3d5a4f51c378a971fa4cb
444484f55d2a5710a853b216e9c50cdde4f84e2cd7e036cb06b5dd8213885090
48a29b986d22aa87ad20a18a360c54ef9dc025cecb28df7d652c419d7cfc3235
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
51396c7bd442ff3169a0448dd3c1510513523ea0f259c5febaa0a8cafca591e0
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c
625dc74c109fe702b02bb2945c756c165e4dcce73f9eca7918df60294b459c76
65eab28856be0c97b03af0a60972b7e7581a87cb87ab5eac602b1f63e6545b7f
6644850da8fec33dfb5cd5df12062fcaa49d052f320294db2642f3c6f822f72f
6b0ebedc5d14782d84bb4db09ad7a3d98834ec937c7ebe0f40519777e3aa19a2
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
809574da221097620620cad5669337a2b59d0435dfd5c69899fd121b874aee32
80f849f65bfa7026c42f8f8eafbcce666f88467ee4dcff1d8200b2ec14f157a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90fabbac2f5ab50b27db05f43a278bd4dbf188b4d09aafddfc63e41ff496aac9
9172a03f3a355a03d7cca16712cc739d5fb1599d7a42e94bc2aee0dbd875fae6
b6eb84efad9de0cc8f3d624456b824ab7cd63875c8f2097dac6489e0fb4e5672
b958d775a5db3514a847f77d56b93f59d55e60e4f2232dcce94f2f510ef04f26
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
c946ac518bef20206a213357e1430e937232b4193c3eae705422304dd3be56e9
cc7f370fe58bcd41a0e91bbccc4808ce9e21ad1c685e3fa163c5f6cc17a3846c
ccc5cf4f2f1d1a2882e1161364818eb53040b04614cafb19959d1d4607ba05ab
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
d00fc11b123326589dd0628900e945f3b8a9cb194f63fc5a440481baed22ded4
d0a2c1198cb835d87461abc258a6a9fa6a94ec2a584fa22486d88ef08726bcbd
d3019d3dc38ca038ee23f0745f55d5eb697aa82a3e6ad31f1f880f57f8e6893b
d60a0feb2a6c3bd08f2ba805b62e3fd3b07328ab6618f295a47ec5aeeb3a9a55
da28e0731312d1732eafb812ed524114e608b245d87b63f8f4902b4d0b93417e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0c0e70dfa0b6e6611d9b6b13f4f2c25acc3c4c346e0ded5405a5fa4a40eceb1
e1403ae72c09d17e544b0163c08d5ab2408285230573d4e703fbd8d1804d937e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7383840321c3a90c085f63a9745dd29045089612153c1722456cfeeb8efdbf4
ea111662c47257cf68a486228bd8a4c366a45e9c75a63f74ac5d42265a176893
eb833072c4becd49700a7bed735b751ae06ba2859316436154bdbbfb165738b6
edc90ba94faed9ccd983acd248bfca3e3815c7c111e5ef6f50c19b03ddb70691
efe664548d3d6d5c47817d69ee1fd1de70d167f23d3248486fddf0d5f7d495d9
f311a60e6dc6a10d4c2baeff8eeb0997e47111d909a004c6e075c7c5041bc8a9
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f4cb9a73b01eb1d052d5fb56d7ab517f123a9ae93a1781c775d9c703d4b07d90

federalemployeebenefitcoordinators.com Open in urlscan Pro 146.66.78.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

61 Requests

59 %HTTPS

67 %IPv6

9 Domains

11 Subdomains

9 IPs

3 Countries

1429 kBTransfer

2423 kBSize

3 Cookies

10 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

federalemployeebenefitcoordinators.com Open in urlscan Pro
146.66.78.158 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

59 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

1429 kB
Transfer

2423 kB
Size

3
Cookies

61 HTTP transactions
0 data transactions