yourfederalretirement.org Open in urlscan Pro
192.241.157.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://w1.msonr.net/prod/42a19232-f59d-415f-8d2a-c5447c06c20a/28366c59-58bd-4cd0-a050-444bd4a03f29
Effective URL:
http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Submission: On January 14 via manual (January 14th 2020, 5:42:25 am UTC) from US

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 23 domains to perform 43 HTTP transactions. The main IP is 192.241.157.223, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is yourfederalretirement.org.

This is the only time yourfederalretirement.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.194.234.134 34.194.234.134	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	192.241.157.223 192.241.157.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:821::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.224.197.175 13.224.197.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700:20:... 2606:4700:20::681a:30e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.56.143.234 13.56.143.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	35.202.21.90 35.202.21.90	15169 (GOOGLE) (GOOGLE - Google LLC)
5	35.192.151.63 35.192.151.63	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
43	19

1 34.194.234.134 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-234-134.compute-1.amazonaws.com

w1.msonr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.223 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

yourfederalretirement.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.175 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-175.fra2.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:30e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.56.143.234 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-56-143-234.us-west-1.compute.amazonaws.com

pm.geniusmonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 90.21.202.35.bc.googleusercontent.com

americanretirementsociety.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.192.151.63 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googleusercontent.com lh3.googleusercontent.com	190 KB
5	leadpages.io api.leadpages.io	2 KB
4	facebook.com www.facebook.com	705 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	ensighten.com nexus.ensighten.com	10 KB
3	facebook.net connect.facebook.net	256 KB
3	gstatic.com fonts.gstatic.com	35 KB
2	americanretirementsociety.org 1 redirects americanretirementsociety.org	334 B
2	useproof.com cdn.useproof.com	487 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	center.io js.center.io	5 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
1	google.de www.google.de	478 B
1	google.com 1 redirects www.google.com	559 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	454 B
1	geniusmonkey.com pm.geniusmonkey.com	485 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
1	bizographics.com sjs.bizographics.com	2 KB
1	leadpages.net static.leadpages.net	15 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	yourfederalretirement.org yourfederalretirement.org	102 KB
1	msonr.net 1 redirects w1.msonr.net	274 B
43	23

	Domain	Requested by
8	lh3.googleusercontent.com	yourfederalretirement.org
5	api.leadpages.io	js.center.io static.leadpages.net
4	www.facebook.com	yourfederalretirement.org
3	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
3	connect.facebook.net	yourfederalretirement.org connect.facebook.net
3	fonts.gstatic.com	yourfederalretirement.org
2	americanretirementsociety.org	1 redirects static.leadpages.net
2	px.ads.linkedin.com	1 redirects yourfederalretirement.org
2	cdn.useproof.com	www.googletagmanager.com cdn.useproof.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	js.center.io	yourfederalretirement.org js.center.io
2	maxcdn.bootstrapcdn.com	yourfederalretirement.org
1	www.google.de	yourfederalretirement.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.linkedin.com	1 redirects
1	pm.geniusmonkey.com	www.googletagmanager.com
1	d10lpsik1i8c69.cloudfront.net	yourfederalretirement.org
1	sjs.bizographics.com	www.googletagmanager.com
1	static.leadpages.net	yourfederalretirement.org
1	www.googletagmanager.com	yourfederalretirement.org
1	fonts.googleapis.com	yourfederalretirement.org
1	yourfederalretirement.org
1	w1.msonr.net	1 redirects
43	24

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.center.io COMODO RSA Domain Validation Secure Server CA	`2017-01-18` - `2020-02-08`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.leadpages.net Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2021-03-11`	2 years	crt.sh
*.google.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-23` - `2020-10-09`	a year	crt.sh
*.geniusmonkey.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-21` - `2021-06-18`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
www.google.de GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
americanretirementsociety.org Let's Encrypt Authority X3	`2019-11-30` - `2020-02-28`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2019-11-12` - `2021-11-12`	2 years	crt.sh

This page contains 4 frames:

Primary Page: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Frame ID: 0189D05D267E4D025208282C216C9A77
Requests: 40 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: E3AB726EFB2FBF071359E2D84145FE7C
Requests: 1 HTTP requests in this frame

Frame: https://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Frame ID: 30F4E2ACE20078F5C2EC8A89CE307586
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 2B7F596A2D5112A2449DECA0A16D8AE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://w1.msonr.net/prod/42a19232-f59d-415f-8d2a-c5447c06c20a/28366c59-58bd-4cd0-a050-444bd4a03f29 HTTP 302
http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

43
Requests

91 %
HTTPS

70 %
IPv6

23
Domains

24
Subdomains

19
IPs

6
Countries

1229 kB
Transfer

2153 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://w1.msonr.net/prod/42a19232-f59d-415f-8d2a-c5447c06c20a/28366c59-58bd-4cd0-a050-444bd4a03f29 HTTP 302
http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=21921&url=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&time=1578980528437 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D21921%26url%3Dhttp%253A%252F%252Fyourfederalretirement.org%252Faustin%253FmsID%253D28366c59-58bd-4cd0-a050-444bd4a03f29%26time%3D1578980528437%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=21921&url=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&time=1578980528437&liSync=true

Request Chain 26

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1592682788&t=pageview&_s=1&dl=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&ul=en-us&de=UTF-8&dt=Federal%20Employee%20Retirement%20Workshop%20%7C%20Austin%2C%20TX&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=925188709&gjid=1048207535&cid=466307956.1578980528&tid=UA-4803385-9&_gid=1460850255.1578980528&_r=1&gtm=2wg121PDT6S5&z=1298830597 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_gid=1460850255.1578980528&gjid=1048207535&_v=j79&z=1298830597 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_v=j79&z=1298830597 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_v=j79&z=1298830597&slf_rd=1&random=3576304410

Request Chain 27

http://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29 HTTP 301
https://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request austin Show response
yourfederalretirement.org/
Redirect Chain

http://w1.msonr.net/prod/42a19232-f59d-415f-8d2a-c5447c06c20a/28366c59-58bd-4cd0-a050-444bd4a03f29
http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

102 KB
102 KB

1684ms
1628ms

Document
text/html

192.241.157.223
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: HTTP/1.1
Server: 192.241.157.223 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: c37bd9b2acab39b153303086610d25941b709bf8932bae1315235b6eaf64577f

Request headers

Host: yourfederalretirement.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 14 Jan 2020 05:42:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 206
Connection: keep-alive
X-Powered-By: Express
Location: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Vary: Accept

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 50ms
35ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by: Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 6662

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 51ms
39ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto:300,400,500,700|Source%20Sans%20Pro:300,400,500,700

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b6950918e03ee6935b0267076939eff134e76ea548228ccdf4a70034b1788d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Jan 2020 05:42:08 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 14 Jan 2020 05:42:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 14 Jan 2020 05:42:08 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 78ms
22ms Script
application/javascript 2a00:1450:4001:821::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3adb60545bd82c9e4963d5bb1a08138b66c931262fb4852ca38219c430762e0a

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:41:51 GMT
content-encoding: gzip
server: Google Frontend
age: 17
etag: "1wcOuA"
content-type: application/javascript
status: 200
x-cloud-trace-context: 0c7c8979fa5f1daac9822a75e310cdf9
cache-control: public, max-age=300
content-length: 5099
expires: Tue, 14 Jan 2020 05:46:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
24 KB 53ms
41ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDT6S5

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

946d84f43412e4511d79535be1af0579b61df7469bda16f4481b2740054e7a11

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
content-encoding: br
last-modified: Tue, 14 Jan 2020 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24593
x-xss-protection: 0
expires: Tue, 14 Jan 2020 05:42:08 GMT

GET
H2 200 7oEtpSjtYHFd7U6jEJwisyl5nEaslqo8ZlpG2mkCjuy1vusWSuokSngMbX1W1U_FIyGMThP9jp_G5b829GPe9w=s16
lh3.googleusercontent.com/ 479 B
878 B 31ms
17ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/7oEtpSjtYHFd7U6jEJwisyl5nEaslqo8ZlpG2mkCjuy1vusWSuokSngMbX1W1U_FIyGMThP9jp_G5b829GPe9w=s16

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

f19d476bf2c3d54a071b2240af9ef7d31e35e24862cdd76103ce4b1a721aacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 479
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2 200 fGp-6wkNPtPHn00VhlUkYkI_YnDcXkugXGVE94zqrdX04T3ydvuQiBAkPUqNfLOVN6s9fxbQsV9eP3oWW9n5GUc=s0
lh3.googleusercontent.com/ 13 KB
13 KB 32ms
19ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fGp-6wkNPtPHn00VhlUkYkI_YnDcXkugXGVE94zqrdX04T3ydvuQiBAkPUqNfLOVN6s9fxbQsV9eP3oWW9n5GUc=s0

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

fb8c49b153a2d8cf940873044dc003a661ae7da66214a3568ea2dae93dc5e9dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13478
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2 200 phJAMDjaZJcAwkktWyjENVo-fsMLjdTwQtp-OnO-MsSSftahQIojK2BQ91aotzjrxjvWgTHoYmqxZvdFdYsTwA=w16
lh3.googleusercontent.com/ 446 B
512 B 38ms
27ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/phJAMDjaZJcAwkktWyjENVo-fsMLjdTwQtp-OnO-MsSSftahQIojK2BQ91aotzjrxjvWgTHoYmqxZvdFdYsTwA=w16

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

6ce9c73e84b42fb623b2820556a4c0067591d7c17ccf435f26e3054e0315ed17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 446
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2 200 T2ksUcSpxl3ckZyGF3bV0L7wbVCluL6GIepuZCce-pYrSBPHjNThXKxgyNAXGiE7Atg-GnUNFQGLr-H8fgltoA=s0
lh3.googleusercontent.com/ 39 KB
39 KB 31ms
21ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/T2ksUcSpxl3ckZyGF3bV0L7wbVCluL6GIepuZCce-pYrSBPHjNThXKxgyNAXGiE7Atg-GnUNFQGLr-H8fgltoA=s0

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

84325c7d2768a8107eb8dcc2b9bf964d7103e09e3db6bad7d865db1c18ef812d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39617
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2 200 HXwstnz8T-DfNsB1FJYq695wqbvE5Me3VmmNmbxrDdHPP6uwVM_c1ETqD3VbJDeLUdOXW3CzRNI4mzJw1Ib7=w16
lh3.googleusercontent.com/ 772 B
891 B 28ms
18ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HXwstnz8T-DfNsB1FJYq695wqbvE5Me3VmmNmbxrDdHPP6uwVM_c1ETqD3VbJDeLUdOXW3CzRNI4mzJw1Ib7=w16

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

e725d749e43b0eb1add64b8d5e69890f9e4dc258ac61626b075cee0e3e5e39c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 772
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Jan 2020 05:42:08 GMT

GET
H2 200 embed.js Show response
static.leadpages.net/leadboxes/current/ 42 KB
15 KB 76ms
13ms Script
application/javascript 2a00:1450:4001:821::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/leadboxes/current/embed.js
Requested by: Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 96657a7b3cda304308b1f988ffe719d12eaf51332806d508f3565e757670558d

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:38:47 GMT
content-encoding: gzip
server: Google Frontend
age: 201
etag: "4I2xtQ"
content-type: application/javascript
status: 200
x-cloud-trace-context: 1c3a2bf1ba41cbba11e3fa8a76d01017
cache-control: public, max-age=300
access-control-allow-origin: *
content-length: 14822
expires: Tue, 14 Jan 2020 05:43:47 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 25ms
12ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto:300,400,500,700|Source%20Sans%20Pro:300,400,500,700
Origin: http://yourfederalretirement.org

Response headers

date: Mon, 13 Jan 2020 17:01:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
age: 45651
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13324
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:01:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 20ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto:300,400,500,700|Source%20Sans%20Pro:300,400,500,700
Origin: http://yourfederalretirement.org

Response headers

date: Thu, 09 Jan 2020 00:21:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 451244
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 08 Jan 2021 00:21:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto:300,400,500,700|Source%20Sans%20Pro:300,400,500,700
Origin: http://yourfederalretirement.org

Response headers

date: Fri, 22 Nov 2019 04:03:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 4585144
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 21 Nov 2020 04:03:04 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
70 KB 24ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: http://yourfederalretirement.org

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 71903

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a02:26f0:6c00:293::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT6S5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:293::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=64729
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT6S5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 234
date: Tue, 14 Jan 2020 05:38:14 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 14 Jan 2020 07:38:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: 78uhfjJTZz3M3KoD7jb5bRbAM9aM0lfzAC5tsc32bWMZ1aEgNaFDKJjjJXE1FjnkLr8afrE4AkGA3yn98l+c0g==
x-fb-trip-id: 1850256238
date: Tue, 14 Jan 2020 05:42:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 105ms
34ms Script
application/javascript 13.224.197.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.175 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-175.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f742d108cb5d552b2110f8ed8a18e8a60cdebad9425f76eb2106a65c5e6e741

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:34:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 17:33:39 GMT
server: AmazonS3
age: 450
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dPW8t84T-ZwDJwFLoSFZ6zh4wtoG9e_drYDOfJrL7cJfXJbs74Nm6Q==
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 43ms
13ms Script
application/javascript 2606:4700:20::681a:30e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=YYnFowi9msNokFpAJ9qU9riosZh1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT6S5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
cf-cache-status: HIT
age: 6474754
status: 200
content-type: application/javascript
content-length: 497715
x-amz-id-2: wLlJIlYl31irnuLQqLJfOxW+Ny2P96fgSf5d7OtjqwI8BDNNhx8cj5Tg1S0gM2geeo9M4LeernI=
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
server: cloudflare
etag: "fa2c0c9552b99319ed55ce70955855f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CEE0D89547847240
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: 7RsCJUNysRMcqkyRLwe1KtYXPZzstQg_
accept-ranges: bytes
cf-ray: 554d48eecc1bd715-FRA

GET
H/1.1 200 gm.js Show response
pm.geniusmonkey.com/ 0
485 B 634ms
157ms Script
text/javascript 13.56.143.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.geniusmonkey.com/gm.js?id=1028350091&z=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT6S5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.56.143.234 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-56-143-234.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:08 GMT
Cache-control: no-cache="set-cookie"
Connection: keep-alive
transfer-encoding: chunked
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK Bootstrap.js Show response
nexus.ensighten.com/choozle/6400/ 29 KB
9 KB 64ms
47ms Script
application/javascript 18.195.42.228
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/choozle/6400/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT6S5
Protocol: HTTP/1.1
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0baa84fc5ff954de3315b732d841bd892e20cddfbfddbbfebf4416c8f4ce157e

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 19:02:25 GMT
Server: nginx
ETag: W/"5b635541-7212"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=300
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 identify.html
js.center.io/ Frame E3AB 0
0 14ms
13ms Document
text/html 2a00:1450:4001:821::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

:method: GET
:authority: js.center.io
:scheme: https
:path: /identify.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Response headers

status: 200
date: Tue, 14 Jan 2020 05:41:58 GMT
expires: Tue, 14 Jan 2020 05:46:58 GMT
etag: "1wcOuA"
x-cloud-trace-context: 6e7037748a478c3852fe916ea06fe31a
content-type: text/html
content-encoding: gzip
server: Google Frontend
content-length: 1698
age: 10
cache-control: public, max-age=300

GET
H2 200 phJAMDjaZJcAwkktWyjENVo-fsMLjdTwQtp-OnO-MsSSftahQIojK2BQ91aotzjrxjvWgTHoYmqxZvdFdYsTwA=w250
lh3.googleusercontent.com/ 16 KB
17 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/phJAMDjaZJcAwkktWyjENVo-fsMLjdTwQtp-OnO-MsSSftahQIojK2BQ91aotzjrxjvWgTHoYmqxZvdFdYsTwA=w250

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c1095f898e78df57dd54d1b115cffdc1fc9e9d6fbdbb96f140d7fd18d236eca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16877
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2 200 HXwstnz8T-DfNsB1FJYq695wqbvE5Me3VmmNmbxrDdHPP6uwVM_c1ETqD3VbJDeLUdOXW3CzRNI4mzJw1Ib7=w150
lh3.googleusercontent.com/ 31 KB
31 KB 17ms
17ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HXwstnz8T-DfNsB1FJYq695wqbvE5Me3VmmNmbxrDdHPP6uwVM_c1ETqD3VbJDeLUdOXW3CzRNI4mzJw1Ib7=w150

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

a4a77217bf5e0ba4a0d281527ba8e9239174f9d641fb3dfccf0c5251a1314eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31868
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2 200 7oEtpSjtYHFd7U6jEJwisyl5nEaslqo8ZlpG2mkCjuy1vusWSuokSngMbX1W1U_FIyGMThP9jp_G5b829GPe9w=w1585
lh3.googleusercontent.com/ 87 KB
88 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/7oEtpSjtYHFd7U6jEJwisyl5nEaslqo8ZlpG2mkCjuy1vusWSuokSngMbX1W1U_FIyGMThP9jp_G5b829GPe9w=w1585

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

588feb016bdc43059619935b29ed6c8aa1945d76acee289801c09d764ffc137f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89578
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jan 2020 19:42:40 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=21921&url=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&time=1578980528437
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D21921%26url%3Dhttp%253A%252F%252Fyourfederalretirement.org%252Faustin%253FmsID%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=21921&url=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&time=1578980528437&liSync=true

0
88 B

147ms
147ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=21921&url=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&time=1578980528437&liSync=true
Requested by: Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: m+LL0Wyq6RVQeKGTiSsAAA==

Redirect headers

date: Tue, 14 Jan 2020 05:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-efr5
content-length: 20
x-li-uuid: sbDXymyq6RUQc6dgNCsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=21921&url=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&time=1578980528437&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1592682788&t=pageview&_s=1&dl=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&ul=en-us&de=UTF-8...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_gid=1460850255.1578980528&gjid=1048207535&_v=j79&z=1298830597
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_v=j79&z=1298830597
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_v=j79&z=1298830597&slf_rd=1&random=3576304410

42 B
478 B

31ms
19ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_v=j79&z=1298830597&slf_rd=1&random=3576304410

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jan 2020 05:42:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4803385-9&cid=466307956.1578980528&jid=925188709&_v=j79&z=1298830597&slf_rd=1&random=3576304410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/ Frame 30F4
Redirect Chain

http://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
https://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

0
0

512ms
276ms

Document
text/html

35.202.21.90
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.202.21.90 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: americanretirementsociety.org
:scheme: https
:path: /serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Response headers

status: 200
date: Tue, 14 Jan 2020 05:42:09 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"2e0bd3d1175c9793f39591d39dfd8417"
last-modified: Thu, 09 Jan 2020 21:53:02 GMT
x-cache: MISS, MISS
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br

Redirect headers

Date: Tue, 14 Jan 2020 05:42:08 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://americanretirementsociety.org/serve-leadbox/E8fBHd6JghDn8QdWeFP8L3/?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Server: Leadpages
Strict-Transport-Security: max-age=15768000

GET
H2 200 815245808608654 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/815245808608654?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3ba82eb951c3f4cdf8722777cee2f815da76abb695187d719f457f1520ea7b71

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: RORWaqJ0db63mZtWe177HIDURwUQ4s3w5S/G1Ojd2D+oAKZKuFHRv21AYveVG7It2l+XDYXtVkqHZXbI2SweXA==
x-fb-trip-id: 1850256238
date: Tue, 14 Jan 2020 05:42:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
657 B 402ms
151ms XHR
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=ySz4gYRRjuc3DpymyAQTh6&v=&e=&st=wordpress&pid=jdEdL2m5qLrwLoyvbWfuAJ&uid=CR8sv6uoonfKAC4eUNtCJ8&sid=d9AZdqsUTMgLXcpsJyUHZU&cid=lp-ySz4gYRRjuc3DpymyAQTh6&uri=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Origin: http://yourfederalretirement.org

Response headers

Date: Tue, 14 Jan 2020 05:42:08 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.9.113.119
Content-Type: image/gif
access-control-allow-origin: http://yourfederalretirement.org
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 032si0gvuq7a6i9l39d0

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame 2B7F 0
0 653ms
653ms Document
text/html 2606:4700:20::681a:30e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=YYnFowi9msNokFpAJ9qU9riosZh1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.useproof.com
:scheme: https
:path: /proxy/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Response headers

status: 200
date: Tue, 14 Jan 2020 05:42:09 GMT
content-type: text/html
content-length: 325
set-cookie: __cfduid=d8d8fb6a35325b5300f88cd8d482a992d1578980528; expires=Thu, 13-Feb-20 05:42:08 GMT; path=/; domain=.useproof.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: nUKE6390uWvz+2il3ceimEvmTkIHlp0jfCyvvxwxRT01w53GRQQCb04cYuOtdTd8/a86jlvLvVo=
x-amz-request-id: 1239F81E2351A441
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: V3wOD8RjbA.D9D1fAXIzDOps5d_6lt3O
accept-ranges: bytes
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 554d48ef3d1fd715-FRA

GET
H2 200 1654642771458503 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1654642771458503?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4517b1cdf4960dcc4fbe22c7a3d1113d2d7562611098efeb81f3cb016aba3c8f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: bc3dotNwAo1gIyRStMW1Hlevb04TQ1DuZDaNsb4Tp4FVs6faIvkrBNS2fCIOlqmI5D2SAWXlkQS1Kb6IlcRItg==
x-fb-trip-id: 1850256238
date: Tue, 14 Jan 2020 05:42:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
359 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815245808608654&ev=PageView&dl=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&rl=&if=false&ts=1578980528561&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1578980528561.312599561&it=1578980528465&coo=false&rqm=GET

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 14 Jan 2020 05:42:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1654642771458503&ev=PageView&dl=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&rl=&if=false&ts=1578980528651&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1578980528561.312599561&it=1578980528465&coo=false&rqm=GET

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 14 Jan 2020 05:42:08 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 342ms
117ms XHR
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.0&correlateBy=aUSVQJJCiKQT5vNJZztgTz&kind=text,text,timer&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load&value=E8fBHd6JghDn8QdWeFP8L3,E8fBHd6JghDn8QdWeFP8L3,80.7649977505207
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Origin: http://yourfederalretirement.org

Response headers

Date: Tue, 14 Jan 2020 05:42:09 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.9.113.119
Content-Type: image/gif
access-control-allow-origin: http://yourfederalretirement.org
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 03tovvt2ap3u4k054u2g

GET
H/1.1 200
OK serverComponent.php Show response
nexus.ensighten.com/choozle/6400/ 272 B
509 B 40ms
39ms Script
text/javascript 18.195.42.228
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/choozle/6400/serverComponent.php?r=656274338.9103394&ClientID=923&PageID=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/choozle/6400/Bootstrap.js
Protocol: HTTP/1.1
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e15f98ef797a58ea82a50e0cdbea4702f67fad113122fb055aae1734dea5759a

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:09 GMT
Cache-Control: no-cache, no-store
Expires: Tue, 14 Jan 2020 05:42:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 272
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815245808608654&ev=Microdata&dl=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&rl=&if=false&ts=1578980529063&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Federal%20Employee%20Retirement%20Workshop%20%7C%20Austin%2C%20TX%22%2C%22meta%3Adescription%22%3A%22This%20comprehensive%20workshop%20provides%20practical%20knowledge%20and%20calculating%20tools%20needed%20to%20understand%20the%20basics%20of%20retirement%20for%20FERS%20%26%20CSRS%20to%20show%20you%20that%20what%20you%20do%20now%20impacts%20what%20you%20get%20in%20retirement.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Federal%20Employee%20Retirement%20Workshop%22%2C%22og%3Adescription%22%3A%22This%20comprehensive%20workshop%20provides%20practical%20knowledge%20and%20calculating%20tools%20needed%20to%20understand%20the%20basics%20of%20retirement%20for%20FERS%20%26%20CSRS%20to%20show%20you%20that%20what%20you%20do%20now%20impacts%20what%20you%20get%20in%20retirement.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fyourfederalretirement.org%2Faustin%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Flh3.googleusercontent.com%2FaqXtEaIptXOvTlOtEqZLLfwBiCUOMi3JKA14GoQxI1KbJzZ8vOWI9HnhpS2zm5N2pCp5HZyfAL46WaVKarjCag%3Ds0%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%224198%22%2C%22og%3Aimage%3Aheight%22%3A%222801%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1578980528561.312599561&it=1578980528465&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 14 Jan 2020 05:42:09 GMT

GET
H/1.1 200
OK 203812f962cdac28cda2020bc8088b55.js Show response
nexus.ensighten.com/choozle/6400/code/ 261 B
554 B 32ms
31ms Script
application/javascript 18.195.42.228
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/choozle/6400/code/203812f962cdac28cda2020bc8088b55.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/choozle/6400/Bootstrap.js
Protocol: HTTP/1.1
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b003b4bb9f910d93e4f42f609cc96dff2fe12888d3caaf9dea8b17c6b0901c9a

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:09 GMT
Last-Modified: Fri, 20 Jul 2018 14:32:01 GMT
Server: nginx
ETag: "5b51f261-105"
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 261

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1654642771458503&ev=Microdata&dl=http%3A%2F%2Fyourfederalretirement.org%2Faustin%3FmsID%3D28366c59-58bd-4cd0-a050-444bd4a03f29&rl=&if=false&ts=1578980529153&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Federal%20Employee%20Retirement%20Workshop%20%7C%20Austin%2C%20TX%22%2C%22meta%3Adescription%22%3A%22This%20comprehensive%20workshop%20provides%20practical%20knowledge%20and%20calculating%20tools%20needed%20to%20understand%20the%20basics%20of%20retirement%20for%20FERS%20%26%20CSRS%20to%20show%20you%20that%20what%20you%20do%20now%20impacts%20what%20you%20get%20in%20retirement.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Federal%20Employee%20Retirement%20Workshop%22%2C%22og%3Adescription%22%3A%22This%20comprehensive%20workshop%20provides%20practical%20knowledge%20and%20calculating%20tools%20needed%20to%20understand%20the%20basics%20of%20retirement%20for%20FERS%20%26%20CSRS%20to%20show%20you%20that%20what%20you%20do%20now%20impacts%20what%20you%20get%20in%20retirement.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fyourfederalretirement.org%2Faustin%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Flh3.googleusercontent.com%2FaqXtEaIptXOvTlOtEqZLLfwBiCUOMi3JKA14GoQxI1KbJzZ8vOWI9HnhpS2zm5N2pCp5HZyfAL46WaVKarjCag%3Ds0%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%224198%22%2C%22og%3Aimage%3Aheight%22%3A%222801%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1578980528561.312599561&it=1578980528465&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: yourfederalretirement.org
URL: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 05:42:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 14 Jan 2020 05:42:09 GMT

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
355 B 116ms
115ms Image
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=38,16,1629,1685,220,1687,1916,1917,2833,2833
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 05:42:09 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.9.113.119
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 032si0lsrsdjpeka7o80

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 116ms
115ms XHR
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.0&correlateBy=aUSVQJJCiKQT5vNJZztgTz&kind=timer&label=lb_embed_leadbox_load&value=613.440003246069
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Origin: http://yourfederalretirement.org

Response headers

Date: Tue, 14 Jan 2020 05:42:09 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.9.113.119
Content-Type: image/gif
access-control-allow-origin: http://yourfederalretirement.org
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 03tp00286p1mu5b0lft0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 114ms
114ms XHR
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.4&correlateBy=4uF6AFyWv7VTh54cYjhSPd&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=78.93000170588493,36.66500002145767,1,402.5049991905689
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://yourfederalretirement.org/austin?msID=28366c59-58bd-4cd0-a050-444bd4a03f29
Origin: http://yourfederalretirement.org

Response headers

Date: Tue, 14 Jan 2020 05:42:12 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.9.113.119
Content-Type: image/gif
access-control-allow-origin: http://yourfederalretirement.org
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 032si1hduueeb065sdb0

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yourfederalretirement.org/	1970-01-19 08:45:56	Name: _fbp Value: fb.1.1578980528561.312599561
.yourfederalretirement.org/	1970-01-19 06:36:20	Name: _gat_UA-4803385-9 Value: 1
.yourfederalretirement.org/	1970-01-19 06:37:46	Name: _gid Value: GA1.2.1460850255.1578980528
.yourfederalretirement.org/	1970-01-20 00:07:32	Name: _ga Value: GA1.2.466307956.1578980528

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

americanretirementsociety.org
api.leadpages.io
cdn.useproof.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
nexus.ensighten.com
pm.geniusmonkey.com
px.ads.linkedin.com
sjs.bizographics.com
static.leadpages.net
stats.g.doubleclick.net
w1.msonr.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
yourfederalretirement.org
13.224.197.175
13.56.143.234
18.195.42.228
192.241.157.223
2001:4de0:ac19::1:b:2a
2606:4700:20::681a:30e
2a00:1450:4001:815::2003
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2001
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:821::2013
2a00:1450:4001:824::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a02:26f0:6c00:293::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.194.234.134
35.192.151.63
35.202.21.90
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e
0baa84fc5ff954de3315b732d841bd892e20cddfbfddbbfebf4416c8f4ce157e
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
3adb60545bd82c9e4963d5bb1a08138b66c931262fb4852ca38219c430762e0a
3ba82eb951c3f4cdf8722777cee2f815da76abb695187d719f457f1520ea7b71
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4517b1cdf4960dcc4fbe22c7a3d1113d2d7562611098efeb81f3cb016aba3c8f
588feb016bdc43059619935b29ed6c8aa1945d76acee289801c09d764ffc137f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ce9c73e84b42fb623b2820556a4c0067591d7c17ccf435f26e3054e0315ed17
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
84325c7d2768a8107eb8dcc2b9bf964d7103e09e3db6bad7d865db1c18ef812d
8f742d108cb5d552b2110f8ed8a18e8a60cdebad9425f76eb2106a65c5e6e741
946d84f43412e4511d79535be1af0579b61df7469bda16f4481b2740054e7a11
96657a7b3cda304308b1f988ffe719d12eaf51332806d508f3565e757670558d
a4a77217bf5e0ba4a0d281527ba8e9239174f9d641fb3dfccf0c5251a1314eae
b003b4bb9f910d93e4f42f609cc96dff2fe12888d3caaf9dea8b17c6b0901c9a
c1095f898e78df57dd54d1b115cffdc1fc9e9d6fbdbb96f140d7fd18d236eca1
c37bd9b2acab39b153303086610d25941b709bf8932bae1315235b6eaf64577f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e15f98ef797a58ea82a50e0cdbea4702f67fad113122fb055aae1734dea5759a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b6950918e03ee6935b0267076939eff134e76ea548228ccdf4a70034b1788d
e725d749e43b0eb1add64b8d5e69890f9e4dc258ac61626b075cee0e3e5e39c6
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19d476bf2c3d54a071b2240af9ef7d31e35e24862cdd76103ce4b1a721aacb5
fb8c49b153a2d8cf940873044dc003a661ae7da66214a3568ea2dae93dc5e9dc

yourfederalretirement.org Open in urlscan Pro 192.241.157.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

91 %HTTPS

70 %IPv6

23 Domains

24 Subdomains

19 IPs

6 Countries

1229 kBTransfer

2153 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

yourfederalretirement.org Open in urlscan Pro
192.241.157.223 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

91 %
HTTPS

70 %
IPv6

23
Domains

24
Subdomains

19
IPs

6
Countries

1229 kB
Transfer

2153 kB
Size

4
Cookies

43 HTTP transactions
0 data transactions