Submitted URL: https://www.employeebenefitsguide.com/
Effective URL: https://employeebenefitsguide.com/
Submission: On August 04 via automatic, source certstream-suspicious

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 107.180.12.36, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is employeebenefitsguide.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 4th 2020. Valid for: 2 years.
This is the only time employeebenefitsguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 107.180.12.36 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
36 17
Domain Requested by
14 employeebenefitsguide.com employeebenefitsguide.com
2 forms.hubspot.com js.hscollectedforms.net
js.hsleadflows.net
2 www.facebook.com employeebenefitsguide.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
employeebenefitsguide.com
2 px.ads.linkedin.com 1 redirects employeebenefitsguide.com
2 connect.facebook.net employeebenefitsguide.com
connect.facebook.net
2 www.googletagmanager.com employeebenefitsguide.com
www.googletagmanager.com
1 track.hubspot.com
1 api.hubspot.com js.usemessages.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 www.linkedin.com 1 redirects
1 js.hs-scripts.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 fonts.gstatic.com employeebenefitsguide.com
1 fonts.googleapis.com employeebenefitsguide.com
1 www.employeebenefitsguide.com 1 redirects
36 20

This site contains links to these domains.

Domain
themeehanagency.com
makebenefitscount.org

Subject | Issuer | Validity | Valid
employeebenefitsguide.com | Go Daddy Secure Certificate Authority - G2 | 2020-08-04 - 2022-10-31 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-07-21 - 2020-10-12 | 3 months
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-03-04 - 2020-09-04 | 6 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2020-07-27 - 2021-07-27 | a year

This page contains 1 frame:

Primary Page: https://employeebenefitsguide.com/
Frame ID: AEC7E8495BC51707B280FA3123BD0CC6
Requests: 36 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

36
Requests

100 %
HTTPS

94 %
IPv6

16
Domains

20
Subdomains

17
IPs

4
Countries

1176 kB
Transfer

2844 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.employeebenefitsguide.com/ HTTP 301
    https://employeebenefitsguide.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1029658&url=https%3A%2F%2Femployeebenefitsguide.com%2F&time=1596570845461 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1029658%26url%3Dhttps%253A%252F%252Femployeebenefitsguide.com%252F%26time%3D1596570845461%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1029658&url=https%3A%2F%2Femployeebenefitsguide.com%2F&time=1596570845461&liSync=true

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
employeebenefitsguide.com/
Redirect Chain
  • https://www.employeebenefitsguide.com/
  • https://employeebenefitsguide.com/
71 KB
13 KB
Document
General
Full URL
https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
d0c9f191d145ccb9daa96213c5bb25454ea90b27e8e1440f2dbf955b86684a0a

Request headers

:method
GET
:authority
employeebenefitsguide.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Tue, 04 Aug 2020 19:54:04 GMT
server
Apache
x-powered-by
PHP/5.6.40
vary
Accept-Encoding,Cookie,User-Agent
link
<https://employeebenefitsguide.com/wp-json/>; rel="https://api.w.org/", <https://employeebenefitsguide.com/>; rel=shortlink
content-encoding
gzip
content-length
13477
content-type
text/html; charset=UTF-8

Redirect headers

status
301
date
Tue, 04 Aug 2020 19:54:03 GMT
server
Apache
x-powered-by
PHP/5.6.40
vary
Accept-Encoding,Cookie,User-Agent
x-redirect-by
WordPress
location
https://employeebenefitsguide.com/
content-encoding
gzip
content-length
143
content-type
text/html; charset=UTF-8
style.min.css
employeebenefitsguide.com/wp-includes/css/dist/block-library/
52 KB
8 KB
Stylesheet
General
Full URL
https://employeebenefitsguide.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:10:30 GMT
server
Apache
etag
"c3a20c1-d159-5aa7ed6ce5180-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
7642
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Catamaran%3A400%2C700%2C900%7CMerriweather%3A400%2C700%7CPT+Serif%3A400%2C700&display=swap&ver=5.4.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffaf863298fe9b3ab3670b03dfffcda6ad2256aa64bb95f3eda0d883e7137f85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Aug 2020 19:54:05 GMT
server
ESF
date
Tue, 04 Aug 2020 19:54:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Aug 2020 19:54:05 GMT
style.min.css
employeebenefitsguide.com/wp-content/themes/Impreza/css/
271 KB
50 KB
Stylesheet
General
Full URL
https://employeebenefitsguide.com/wp-content/themes/Impreza/css/style.min.css?ver=6.1.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
8a08b849899c75e7f514c0cfbf5801205b55d46bc31995b681ebf39c0beebe5c

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:45:37 GMT
server
Apache
etag
"c3a0f0a-43b10-5aa7f54649640-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
50597
responsive.min.css
employeebenefitsguide.com/wp-content/themes/Impreza/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://employeebenefitsguide.com/wp-content/themes/Impreza/css/responsive.min.css?ver=6.1.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
27516d54549a5ca087894663795f59f28f07bb0d760c0da3f4af500a6d055498

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:06:56 GMT
server
Apache
etag
"c3a0f07-5293-5aa7eca0cf000-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
4375
Make-Benefits-logo.png
employeebenefitsguide.com/wp-content/uploads/2020/04/
40 KB
40 KB
Image
General
Full URL
https://employeebenefitsguide.com/wp-content/uploads/2020/04/Make-Benefits-logo.png
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
b51237aad2ce8d1cc6e09d5f4a659da4cbe1f2c792d4f1a6086255fcd5eeb6bd

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
last-modified
Wed, 15 Jul 2020 18:42:03 GMT
server
Apache
etag
"c3a1d33-a081-5aa7f47a334c0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
41089
Simplifyemployer2.png
employeebenefitsguide.com/wp-content/uploads/2019/06/
199 KB
200 KB
Image
General
Full URL
https://employeebenefitsguide.com/wp-content/uploads/2019/06/Simplifyemployer2.png
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
5edba63116bde7b61df94c5aca0d7993547587402767d83f47d2564a22ba79f4

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
last-modified
Wed, 15 Jul 2020 18:24:31 GMT
server
Apache
etag
"c3a18cf-31c15-5aa7f08eef5c0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
203797
Simplifybroker2.png
employeebenefitsguide.com/wp-content/uploads/2019/06/
102 KB
102 KB
Image
General
Full URL
https://employeebenefitsguide.com/wp-content/uploads/2019/06/Simplifybroker2.png
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
74731510a2e7c03ac7edef69241006b1324f899395110235e425ff5f40eb6664

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
last-modified
Wed, 15 Jul 2020 18:22:22 GMT
server
Apache
etag
"c3a18c9-1966c-5aa7f013e9380"
content-type
image/png
status
200
accept-ranges
bytes
content-length
104044
wp-emoji-release.min.js
employeebenefitsguide.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://employeebenefitsguide.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:15:23 GMT
server
Apache
etag
"c3a2813-364d-5aa7ee84524c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4653
jquery.js
employeebenefitsguide.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://employeebenefitsguide.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:15:28 GMT
server
Apache
etag
"c3a28b4-17a69-5aa7ee8917000-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
33776
magnific-popup.js
employeebenefitsguide.com/wp-content/themes/Impreza/common/js/vendor/
20 KB
7 KB
Script
General
Full URL
https://employeebenefitsguide.com/wp-content/themes/Impreza/common/js/vendor/magnific-popup.js?ver=6.1.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
4123a0b824634537d4a2a4bb289aadb7c98752c6c2af82ea3d9f0d109cc2272d

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:42:28 GMT
server
Apache
etag
"c3a0eee-4efc-5aa7f4920ad00-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
7350
us.core.min.js
employeebenefitsguide.com/wp-content/themes/Impreza/js/
130 KB
31 KB
Script
General
Full URL
https://employeebenefitsguide.com/wp-content/themes/Impreza/js/us.core.min.js?ver=6.1.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
fc1bb0c6517021c854b7bf11ce6cbbee9ae8459a98106ef36773118bc9837c2f

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:49:14 GMT
server
Apache
etag
"c3a0fc6-207b7-5aa7f6153be80-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
31751
wp-embed.min.js
employeebenefitsguide.com/wp-includes/js/
1 KB
851 B
Script
General
Full URL
https://employeebenefitsguide.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:35:15 GMT
server
Apache
etag
"c3a2810-59a-5aa7f2f519ec0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
769
gtm.js
www.googletagmanager.com/
99 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T88D3CM
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
072a9709c76ae6f0c5f795392d56fb673b3588dddf612d86983a048273517a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36703
x-xss-protection
0
last-modified
Tue, 04 Aug 2020 18:55:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Aug 2020 19:54:05 GMT
fa-solid-900.woff2
employeebenefitsguide.com/wp-content/themes/Impreza/fonts/
115 KB
115 KB
Font
General
Full URL
https://employeebenefitsguide.com/wp-content/themes/Impreza/fonts/fa-solid-900.woff2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
fe529bb3f596ef36f463c8be98e02b43acccdfc0626719077481fe94e03cff21

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://employeebenefitsguide.com/
Origin
https://employeebenefitsguide.com

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 17:54:29 GMT
server
Apache
etag
"c3a0fb9-1ca74-5aa7e9d869f40-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff2
status
200
accept-ranges
bytes
o-0IIpQoyXQa2RxT7-5r5TRASf6M7Q.woff2
fonts.gstatic.com/s/catamaran/v7/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/catamaran/v7/o-0IIpQoyXQa2RxT7-5r5TRASf6M7Q.woff2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2c0c4d3e084e509b9df84056d032895b6ed22b9649402a8150cf1bea4c2f955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Catamaran%3A400%2C700%2C900%7CMerriweather%3A400%2C700%7CPT+Serif%3A400%2C700&display=swap&ver=5.4.2
Origin
https://employeebenefitsguide.com

Response headers

date
Tue, 28 Jul 2020 21:40:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Jul 2020 02:03:29 GMT
server
sffe
age
598386
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32996
x-xss-protection
0
expires
Wed, 28 Jul 2021 21:40:59 GMT
fa-regular-400.woff2
employeebenefitsguide.com/wp-content/themes/Impreza/fonts/
142 KB
143 KB
Font
General
Full URL
https://employeebenefitsguide.com/wp-content/themes/Impreza/fonts/fa-regular-400.woff2
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.36 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-36.ip.secureserver.net
Software
Apache /
Resource Hash
99c5e07f20628e4c3acb7f51960ff451d0628f5f630015d3e73d091b546fb031

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://employeebenefitsguide.com/
Origin
https://employeebenefitsguide.com

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 18:17:05 GMT
server
Apache
etag
"c3a0fb7-236f0-5aa7eee598a40-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff2
status
200
accept-ranges
bytes
insight.min.js
snap.licdn.com/li.lms-analytics/
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T88D3CM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 04 Aug 2020 19:54:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=20134
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
js
www.googletagmanager.com/gtag/
85 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-123032111-5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T88D3CM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff7a6aa6e213b32f37fbb295223d97e5b6ba918d5d1cdbc245c12267ab2416d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34145
x-xss-protection
0
last-modified
Tue, 04 Aug 2020 18:55:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Aug 2020 19:54:05 GMT
4500512.js
js.hs-scripts.com/
2 KB
981 B
Script
General
Full URL
https://js.hs-scripts.com/4500512.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T88D3CM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e786aa5ee667ee75b0a2d46b94d760f395a4d86b93eaf5e0ce210039ee3371

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
status
200
cf-request-id
045ca2d9050000beec9bbb2200000001
server
cloudflare
x-trace
2BF33C75DBEC422AAA8BBFAC20F56CC33CAD24ACEE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://employeebenefitsguide.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5bdad4080e36beec-FRA
expires
Tue, 04 Aug 2020 19:55:05 GMT
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
NBn/hBxkXc+QWsfHiM3Fplml/Rzvdtmv3uj83C3x2TESz7C9SF3zsSCtELwsIvc7nE2wbrhriVgurM6vhj9HlA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 04 Aug 2020 19:54:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
574821722932804
connect.facebook.net/signals/config/
522 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/574821722932804?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f227086b85ca8f398e08dbb5bd16417c8decd844a7836ac7a8a704070ec6dfa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
f6qC7W/+uO/jTAu/WfN5cJQL60wAujuSaP2pFYA1fW02GRGaEaJMYZV9Wf11iCM34sbi5A+ZLyzGFmGG/5bG0A==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 04 Aug 2020 19:54:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1029658&url=https%3A%2F%2Femployeebenefitsguide.com%2F&time=1596570845461
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1029658%26url%3Dhttps%253A%252F%252Femployeebenefitsguide.com%252F%26time%3D15965...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1029658&url=https%3A%2F%2Femployeebenefitsguide.com%2F&time=1596570845461&liSync=true
0
57 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1029658&url=https%3A%2F%2Femployeebenefitsguide.com%2F&time=1596570845461&liSync=true
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
6yltq7koKBaQw6wQYSsAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
UQQao7koKBYw9hyimCsAAA==
pragma
no-cache
x-li-pop
afd-prod-edc2
x-msedge-ref
Ref A: 1363ADE28CE04DA1929D0D50AD1C8331 Ref B: FRAEDGE1520 Ref C: 2020-08-04T19:54:05Z
x-frame-options
sameorigin
date
Tue, 04 Aug 2020 19:54:05 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1029658&url=https%3A%2F%2Femployeebenefitsguide.com%2F&time=1596570845461&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123032111-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5906
date
Tue, 04 Aug 2020 18:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 04 Aug 2020 20:15:39 GMT
collect
www.google-analytics.com/r/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=521738728&t=pageview&_s=1&dl=https%3A%2F%2Femployeebenefitsguide.com%2F&ul=en-us&de=UTF-8&dt=Communicate.%20Educate.%20Enroll.%20%7C%20Employee%20Benefits%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1866257097&gjid=1427412810&cid=2058568838.1596570845&tid=UA-123032111-5&_gid=295837981.1596570845&_r=1&gtm=2ou7m1&z=180845422
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Aug 2020 19:54:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collectedforms.js
js.hscollectedforms.net/
85 KB
21 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4500512.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f8bdb7f95172cf483ed2b708e2a226839fdf7915242e03a73afe89c500be17

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://employeebenefitsguide.com/
Origin
https://employeebenefitsguide.com

Response headers

date
Tue, 04 Aug 2020 19:54:06 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
cf-ray
5bdad4091b60c2ea-FRA
x-cache
RefreshHit from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
045ca2d9ab0000c2eac7893200000001
last-modified
Tue, 02 Jun 2020 12:54:44 UTC
server
cloudflare
etag
W/"c84b1adf13b095abe74ab33769ea944d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
XHqlwKqV_vJr6k81KZ.r7FtVM45AUR3Y
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
content-type
application/javascript; charset=utf-8
x-amz-cf-id
PI-iyMnRppvkt4FgwzcCBplS9my2Gj-AWWKPiW1IE7_a2GMGn9IkMA==
leadflows.js
js.hsleadflows.net/
401 KB
66 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4500512.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd8e3c80fde83e3490dfc7c73960f19a751419aa0ac6d6f96f1d804fe0e5329

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://employeebenefitsguide.com/
Origin
https://employeebenefitsguide.com

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
via
1.1 199fd61d7551d8868317c5b53cc7d24d.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
cf-ray
5bdad409182bd6dd-FRA
x-cache
RefreshHit from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
045ca2d9af0000d6ddcca37200000001
last-modified
Fri, 10 Jul 2020 12:21:49 UTC
server
cloudflare
etag
W/"f007144f3d6494a9cd817569e127a504"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
P3rDtiJD7HKnxeSZdufzjpsEiajovPfK
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
content-type
application/javascript; charset=utf-8
x-amz-cf-id
LnpM9iM-CY54kNCJhCUVqvyhtl1zYltaJWhh2RIEAYtnrSJoF7ODtg==
4500512.js
js.hs-banner.com/
23 KB
7 KB
Script
General
Full URL
https://js.hs-banner.com/4500512.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4500512.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89cc651a6ef343f050d64fdeae2f7c043387dd39b69b4f2e8dfc0c962d7d604a

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=tHj42w==, md5=0uk89ljDsPFDrLWNAiATQg==
date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AAANsUlFLdMiT-9NK0PfFu6S7uYtXmy-pCN4r6UVCkGWNvzIEcFczbzSgOEriK_6ZtFXf2l-5U_iIJisKmRHx6RiGdY
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
045ca2d9ab000005dcec9d4200000001
timing-allow-origin
*
last-modified
Wed, 27 May 2020 03:38:03 GMT
server
cloudflare
etag
W/"d2e93cf658c3b0f143acb58d02201342"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1590550683856267
access-control-allow-origin
https://themeehanagency.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
23052
cf-ray
5bdad409187405dc-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 04 Aug 2020 19:59:05 GMT
4500512.js
js.hs-analytics.net/analytics/1596570600000/
60 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1596570600000/4500512.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4500512.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1171c0bf5fcac1961e75a6e68a998828b4c40ea12533bd3416ecc52ca2b0602

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
FT5SFYFT2P7W3T2P
x-amz-server-side-encryption
AES256
cf-ray
5bdad4091a07c29f-FRA
status
200
x-amz-id-2
YRBR02pO5WHY5/AYi3me4ncN7aIpRlniB9RaKD97uwibIG1KFo+9iE5d7gHCIgbwVR168jeCDrI=
last-modified
Mon, 20 Jul 2020 14:50:44 GMT
server
cloudflare
etag
W/"feffa83168f42ae3c86a7a6eff756835"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
045ca2d9ac0000c29fe08ef200000001
content-type
text/javascript
expires
Tue, 04 Aug 2020 19:59:05 GMT
conversations-embed.js
js.usemessages.com/
72 KB
18 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4500512.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d8bd8b1d3b699ad17a6f03827224ed41460eb89c8e023758473db1c780a6044

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
via
1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
599
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
045ca2d9af00006413c3a83200000001
last-modified
Mon, 03 Aug 2020 06:51:24 UTC
server
cloudflare
etag
W/"68c817b3d7bb3d408fcd3367404116b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
VLfrNYigeR4SH1LhvVtp1NJOTgNZEq_r
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
5bdad4091f176413-FRA
x-amz-cf-id
Nh3OSnqiJ-yAekHD4hAXXt1umQqaRLZqmm8CNlCMueLxDwObj3dvtA==
/
www.facebook.com/tr/
44 B
263 B
Image
General
Full URL
https://www.facebook.com/tr/?id=574821722932804&ev=PageView&dl=https%3A%2F%2Femployeebenefitsguide.com%2F&rl=&if=false&ts=1596570845713&sw=1600&sh=1200&v=2.9.22&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1596570845712.740875882&it=1596570845452&coo=false&rqm=GET
Requested by
Host: employeebenefitsguide.com
URL: https://employeebenefitsguide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 04 Aug 2020 19:54:05 GMT
public
api.hubspot.com/livechat-public/v1/message/
268 B
546 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4500512&conversations-embed=static-1.7083&mobile=false&messagesUtk=7438e79319a34a87b4fe2f66750b7161&traceId=7438e79319a34a87b4fe2f66750b7161
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab6cfdc7800ee135e82675312b2cdaa89fe99a620a8c82ac1159ef87e2ea064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://employeebenefitsguide.com/
X-HubSpot-Messages-Uri
https://employeebenefitsguide.com/

Response headers

date
Tue, 04 Aug 2020 19:54:06 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
210
cf-request-id
045ca2db2800001782301b9200000001
server
cloudflare
x-trace
2BF6FFAE2D0EF1D0131FF8090488B28EAA2BE5DC05000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://employeebenefitsguide.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
5bdad40b7bfc1782-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
/
www.facebook.com/tr/
0
88 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryNwAy5d0ElTM2H6ej

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 04 Aug 2020 19:54:06 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://employeebenefitsguide.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
__ptq.gif
track.hubspot.com/
45 B
529 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=4500512&rcu=https%3A%2F%2Femployeebenefitsguide.com%2F&pu=https%3A%2F%2Femployeebenefitsguide.com%2F&t=Communicate.+Educate.+Enroll.+%7C+Employee+Benefits+Guide&cts=1596570846616&vi=8a476c6e715a2bafd17c87890b940823&nc=true&u=240174684.8a476c6e715a2bafd17c87890b940823.1596570846613.1596570846613.1596570846613.1&b=240174684.1.1596570846613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5bdad40f7c4e1f4d-FRA
date
Tue, 04 Aug 2020 19:54:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
045ca2ddaa00001f4d6209f200000001
x-robots-tag
none
json
forms.hubspot.com/collected-forms/v1/config/
115 B
315 B
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4500512&utk=8a476c6e715a2bafd17c87890b940823
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b5cf4a65bc8a55efc9d24b5b217739c37289d9d0a36e9876cf2ee00928047f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
045ca2dda000001782301e6200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://employeebenefitsguide.com
access-control-allow-credentials
false
cf-ray
5bdad40f6d7d1782-FRA
access-control-allow-headers
*
json
forms.hubspot.com/lead-flows-config/v1/config/
166 B
335 B
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4500512&utk=8a476c6e715a2bafd17c87890b940823&__hstc=240174684.8a476c6e715a2bafd17c87890b940823.1596570846613.1596570846613.1596570846613.1&__hssc=240174684.1.1596570846613&currentUrl=https%3A%2F%2Femployeebenefitsguide.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c89fb55bc560ff04a826ae2805a5fb548fc20c3b8aa9aca781bc0ae0aff7f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://employeebenefitsguide.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 19:54:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
045ca2ddc000001782301ea200000001
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://employeebenefitsguide.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
5bdad40f9e121782-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| root object| dataLayer object| $us undefined| $ function| jQuery object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| lintrk boolean| _already_called_lintrk function| gtag string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| EvEmitter function| imagesLoaded object| jQuery1124009541446978645429 object| wp object| _hsp boolean| _hspb_loaded boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| _paq boolean| _hstc_loaded function| bindToWindowOnError function| defineProperties object| globalRoot undefined| hns object| leadflows object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| twemoji function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

9 Cookies

Domain/Path Name / Value
.employeebenefitsguide.com/ Name: __hssrc
Value: 1
.employeebenefitsguide.com/ Name: hubspotutk
Value: 8a476c6e715a2bafd17c87890b940823
.employeebenefitsguide.com/ Name: __hstc
Value: 240174684.8a476c6e715a2bafd17c87890b940823.1596570846613.1596570846613.1596570846613.1
.employeebenefitsguide.com/ Name: _gat_gtag_UA_123032111_5
Value: 1
.employeebenefitsguide.com/ Name: _fbp
Value: fb.1.1596570845712.740875882
.employeebenefitsguide.com/ Name: __hssc
Value: 240174684.1.1596570846613
.employeebenefitsguide.com/ Name: _gid
Value: GA1.2.295837981.1596570845
.employeebenefitsguide.com/ Name: _ga
Value: GA1.2.2058568838.1596570845
.employeebenefitsguide.com/ Name: _gcl_au
Value: 1.1.582323186.1596570845

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
