josephnorins.wpengine.com Open in urlscan Pro
34.74.5.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.employeejustice.com/
Effective URL:
https://josephnorins.wpengine.com/
Submission: On September 11 via automatic, source certstream-suspicious (September 11th 2020, 9:47:08 pm UTC)

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 40 HTTP transactions. The main IP is 34.74.5.49, located in United States and belongs to GOOGLE, US. The main domain is josephnorins.wpengine.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on July 1st 2019. Valid for: 2 years.

This is the only time josephnorins.wpengine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	34.74.5.49 34.74.5.49	15169 (GOOGLE) (GOOGLE)
1	151.101.13.131 151.101.13.131	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.215.116 143.204.215.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	2.17.177.117 2.17.177.117	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
40	12

26 34.74.5.49 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.5.74.34.bc.googleusercontent.com

www.employeejustice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
josephnorins.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-116.fra53.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.177.117 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-177-117.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	wpengine.com josephnorins.wpengine.com	1 MB
4	gstatic.com fonts.gstatic.com	64 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	64 KB
2	ubembed.com 1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com assets.ubembed.com	46 KB
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	doubleclick.net stats.g.doubleclick.net	94 B
1	chimpstatic.com chimpstatic.com	647 B
1	employeejustice.com 1 redirects www.employeejustice.com	212 B
40	10

	Domain	Requested by
25	josephnorins.wpengine.com	josephnorins.wpengine.com
4	fonts.gstatic.com	josephnorins.wpengine.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	josephnorins.wpengine.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	chimpstatic.com	josephnorins.wpengine.com
1	assets.ubembed.com	1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com
1	1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com	josephnorins.wpengine.com
1	www.employeejustice.com	1 redirects
40	11

This site contains no links.

Subject Issuer	Validity	Valid
*.wpengine.com RapidSSL RSA CA 2018	`2019-07-01` - `2021-08-29`	2 years	crt.sh
z.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-02` - `2021-04-23`	8 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
assets.ubembed.com Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2019-11-21` - `2021-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://josephnorins.wpengine.com/
Frame ID: 32077B92AB72307AF898CCA2823D8CB7
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.employeejustice.com/ HTTP 301
https://josephnorins.wpengine.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

1426 kB
Transfer

3574 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.employeejustice.com/ HTTP 301
https://josephnorins.wpengine.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
josephnorins.wpengine.com/
Redirect Chain

https://www.employeejustice.com/
https://josephnorins.wpengine.com/

244 KB
18 KB

468ms
135ms

Document
text/html

34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: c4270ae98fe1d6c6aa75a9afcbcf208c1962ec800be06a38a4a910a9eac9f275

Request headers

:method: GET
:authority: josephnorins.wpengine.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 11 Sep 2020 21:46:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://josephnorins.wpengine.com/wp-json/>; rel="https://api.w.org/" <https://josephnorins.wpengine.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
content-encoding: br

Redirect headers

status: 301
server: nginx
date: Fri, 11 Sep 2020 21:46:51 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://josephnorins.wpengine.com/
x-redirect-by: WordPress
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal

GET
H2 200 / Show response
1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com/ 478 B
619 B 175ms
167ms Script
application/json 151.101.13.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com/
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 780ec192e68cffe82a3657a8cdf0ba1692cfb16044f92295a6934463a5901ee5

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
x-amz-apigw-id: SuJ7-EUSDoEFQMg=
etag: 191c4c91d7832aef86b5d7b0e3b59d63-v0.178.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
status: 200
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA6-C1
accept-ranges: none
access-control-allow-origin: *

GET
H2 200 autoptimize_e051bbaf12c1886a673310c4f067abf8.css
josephnorins.wpengine.com/wp-content/cache/autoptimize/css/ 318 KB
41 KB 147ms
145ms Stylesheet
text/css 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/wp-content/cache/autoptimize/css/autoptimize_e051bbaf12c1886a673310c4f067abf8.css
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe38c8f1056319577dd33ff3a9d7dba47c2a7edee09666f9697aafe8abac4937

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
last-modified: Fri, 11 Sep 2020 20:53:52 GMT
server: nginx
status: 200
etag: W/"5f5be3e0-4f6e3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 f730166692380a3f5163296babcc592e.min.css
josephnorins.wpengine.com/wp-content/uploads/fusion-styles/ 837 KB
102 KB 147ms
146ms Stylesheet
text/css 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ec8e6bf957b3773127aa7fd76bae20128e006083259ac0f63cbb259dd4eece33

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
last-modified: Fri, 11 Sep 2020 20:52:55 GMT
server: nginx
status: 200
etag: W/"5f5be3a7-d1399"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.js Show response
josephnorins.wpengine.com/wp-includes/js/jquery/ 95 KB
34 KB 146ms
146ms Script
application/javascript 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/wp-includes/js/jquery/jquery.js
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 16:19:47 GMT
server: nginx
status: 200
etag: W/"5f3ea2a3-17a69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-172354428-2

Requested by

Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b8bc02cc23ee8349c56fddb8e525b38d40824d31b1983f9e13ad06256ba1b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35646
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Sep 2020 21:46:52 GMT

GET
H2 200 jn-logo-hq.png
josephnorins.wpengine.com/wp-content/uploads/2020/09/ 36 KB
36 KB 118ms
118ms Image
image/png 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/09/jn-logo-hq.png
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 24f3e83c3c10c6ee3b5a05286c20b0b02915d3ada7e49a4f3a9c93239f14dda5

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
last-modified: Wed, 09 Sep 2020 17:59:37 GMT
server: nginx
status: 200
etag: "5f591809-90cb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37067

GET
H2 200 autoptimize_5fbdad18553345c8918fa15a7e5d3f45.js Show response
josephnorins.wpengine.com/wp-content/cache/autoptimize/js/ 835 KB
221 KB 138ms
137ms Script
application/javascript 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/wp-content/cache/autoptimize/js/autoptimize_5fbdad18553345c8918fa15a7e5d3f45.js
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d736e07ed9995b0322deb437edf6ba4cc5ba6e8db30b905bb8e07c6ee530da6b

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
last-modified: Fri, 11 Sep 2020 20:34:21 GMT
server: nginx
status: 200
etag: W/"5f5bdf4d-d0dcb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.178.1/ 162 KB
46 KB 28ms
27ms Script
application/javascript 143.204.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.178.1/bundle.js
Requested by: Host: 1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com
URL: https://1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 May 2020 23:46:50 GMT
content-encoding: gzip
last-modified: Wed, 11 Dec 2019 22:14:50 GMT
server: AmazonS3
age: 11397603
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: xbMvmCwtDS5Lk3zP92axm_31KuiEFYQNT7mr7dWXfiNNRMSPq6sxmQ==
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
29 KB 51ms
37ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P9WQXZV

Requested by

Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49276f10666995b90f293e85301f4df7ee81449d11aadc54f8fb702cedca60a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Sep 2020 21:46:52 GMT

GET
H/1.1 200
OK b9ccf927ce804d67ca3d49b78.js Show response
chimpstatic.com/mcjs-connected/js/users/01b1792055cd92a657603fe33/ 50 B
647 B 187ms
138ms Script
application/javascript 2.17.177.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/01b1792055cd92a657603fe33/b9ccf927ce804d67ca3d49b78.js
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.17.177.117 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-177-117.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 92, 92
Date: Fri, 11 Sep 2020 21:46:53 GMT
Last-Modified: Fri, 17 Jul 2020 18:18:50 GMT
Server: AmazonS3
x-amz-request-id: 6E42107182986F01
X-EdgeConnect-MidMile-RTT: 0, 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1737
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: 0Sff2Y5pROe3nmJXhpHgbmmDgsaNs5yaCO/3uvLpwqYkXqlTadzRofQlePMUC7Eb9hfVljXmaac=
Expires: Fri, 11 Sep 2020 22:15:50 GMT

GET
DATA 200
OK truncated
/ 143 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 159416eb08261d07b7fcbafed2d9ef90cafa56686c60441c02d0fe8d107dd1ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 143 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 571e282f03562e53cadf6a91a2ff34c23f86500f14ac16fd6e2cc4dc49bfac3b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa1b1167e1a5a38deb3e50aed21984cff6ebf2df86f7473f3cc5d2e96ee6638

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 143 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a041540a7d09d2ac013c311f9d336df379c089da403c05784cb828ec53ee24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9I4kzIxd1KFrBoQeVVkqDO.woff
fonts.gstatic.com/s/chivo/v12/ 15 KB
15 KB 7ms
6ms Font
font/woff 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chivo/v12/va9I4kzIxd1KFrBoQeVVkqDO.woff

Requested by

Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e3cd6a9b95a0ae998d208b8a8bf7d32e8c84ced9499fad77bfb9d5c2660da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://josephnorins.wpengine.com
Referer: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 04:19:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:40:17 GMT
server: sffe
age: 235629
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14896
x-xss-protection: 0
expires: Thu, 09 Sep 2021 04:19:43 GMT

GET
H2 200 fa-solid-900.woff2
josephnorins.wpengine.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 74 KB
75 KB 170ms
170ms Font
font/woff2 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6

Request headers

Origin: https://josephnorins.wpengine.com
Referer: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
last-modified: Thu, 20 Aug 2020 16:19:48 GMT
server: nginx
status: 200
etag: "5f3ea2a4-12944"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 76100

GET
H2 200 icomoon.woff
josephnorins.wpengine.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 19 KB
19 KB 170ms
170ms Font
font/woff 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://josephnorins.wpengine.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b

Request headers

Origin: https://josephnorins.wpengine.com
Referer: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:52 GMT
last-modified: Thu, 20 Aug 2020 16:19:48 GMT
server: nginx
status: 200
etag: "5f3ea2a4-4c68"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19560

GET
H3-Q050 200 -nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx1Prx52g.woff
fonts.gstatic.com/s/dmserifdisplay/v4/ 22 KB
22 KB 30ms
16ms Font
font/woff 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmserifdisplay/v4/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx1Prx52g.woff

Requested by

Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae8a067a2986aa95d9519acf2c3e94808cc71bb32b49d3671d45f1f152dea39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://josephnorins.wpengine.com
Referer: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:48:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Nov 2019 21:14:59 GMT
server: sffe
age: 381492
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22096
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:48:40 GMT

GET
H3-Q050 200 va9F4kzIxd1KFrjTZPZ4sKvkQz__.woff
fonts.gstatic.com/s/chivo/v12/ 12 KB
12 KB 28ms
15ms Font
font/woff 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chivo/v12/va9F4kzIxd1KFrjTZPZ4sKvkQz__.woff

Requested by

Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa0fac557a359f50bfc44a5922a2ec5055ebf68604be764378a296ce9317f6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://josephnorins.wpengine.com
Referer: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 04:20:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:17:09 GMT
server: sffe
age: 235612
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12364
x-xss-protection: 0
expires: Thu, 09 Sep 2021 04:20:00 GMT

GET
H3-Q050 200 va9F4kzIxd1KFrjDY_Z4sKvkQz__.woff
fonts.gstatic.com/s/chivo/v12/ 16 KB
16 KB 25ms
14ms Font
font/woff 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chivo/v12/va9F4kzIxd1KFrjDY_Z4sKvkQz__.woff

Requested by

Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc221eec278c5828fb0da149618e296cc46fb89781759c2f4f84d908ada6fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://josephnorins.wpengine.com
Referer: https://josephnorins.wpengine.com/wp-content/uploads/fusion-styles/f730166692380a3f5163296babcc592e.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 04:58:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:04:07 GMT
server: sffe
age: 233288
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15972
x-xss-protection: 0
expires: Thu, 09 Sep 2021 04:58:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172354428-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 1872
date: Fri, 11 Sep 2020 21:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Fri, 11 Sep 2020 23:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
402 B 38ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=461421572&t=pageview&_s=1&dl=https%3A%2F%2Fjosephnorins.wpengine.com%2F&ul=en-us&de=UTF-8&dt=New%20York%20Employment%20Lawyers%20%7C%20Joseph%20%26%20Norinsberg%20LLC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=135208043&gjid=503325979&cid=852857426.1599860813&tid=UA-172354428-2&_gid=682801820.1599860813&_r=1&gtm=2ou920&z=1849719595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 21:46:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://josephnorins.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 36ms
14ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=461421572&t=pageview&_s=1&dl=https%3A%2F%2Fjosephnorins.wpengine.com%2F&ul=en-us&de=UTF-8&dt=New%20York%20Employment%20Lawyers%20%7C%20Joseph%20%26%20Norinsberg%20LLC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=391987274&gjid=1402371116&cid=852857426.1599860813&tid=UA-101610172-1&_gid=682801820.1599860813&_r=1&gtm=2wg920P9WQXZV&z=525499538

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 21:46:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://josephnorins.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-101610172-1&cid=852857426.1599860813&jid=391987274&gjid=1402371116&_gid=682801820.1599860813&_u=YEDAAUABAAAAAC~&z=2051467388

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Sep 2020 21:46:53 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://josephnorins.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attorneys-one.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 89 KB
89 KB 114ms
114ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/attorneys-one.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12b2ffafe69752b3286a7b7defe07a92c93ced3ec29ecdd531f733c0ca4c4a15

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:13 GMT
server: nginx
status: 200
etag: "5f3eb39d-1624f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 90703

GET
H2 200 gender-discrimination-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 32 KB
32 KB 130ms
126ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/gender-discrimination-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bf18a4917a0bfe9522d6be4286a59f8a76cd5e77d48df7bdffa1f96c20fda859

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:15 GMT
server: nginx
status: 200
etag: "5f3eb39f-80b3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32947

GET
H2 200 sexual-harassment-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 40 KB
40 KB 130ms
127ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/sexual-harassment-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 986721935d1fd8f8d1258cd5a57d2486716b8b68d44677c525f0a2398ab40bde

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:21 GMT
server: nginx
status: 200
etag: "5f3eb3a5-a000"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40960

GET
H2 200 race-discrimination-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 24 KB
25 KB 130ms
127ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/race-discrimination-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 077ffe0c78d4c3e2efdca0108b0caf78903c23197ec5b3625851397e494ef9c6

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:21 GMT
server: nginx
status: 200
etag: "5f3eb3a5-61b1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25009

GET
H2 200 wage-and-hour-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 38 KB
38 KB 130ms
127ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/wage-and-hour-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6046d72cef322586089bb162c4b5c085bb5919eb9aa6c11da2a2a6d5480d4e2e

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:25 GMT
server: nginx
status: 200
etag: "5f3eb3a9-96dc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 38620

GET
H2 200 disibility-discrimination-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 55 KB
55 KB 130ms
128ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/disibility-discrimination-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 57e1b3230e73cd70c88cb0b61c817774c28e0c6f7359d5b5508d034d78c766d2

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:15 GMT
server: nginx
status: 200
etag: "5f3eb39f-dc24"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 56356

GET
H2 200 sexual-orientation-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 26 KB
26 KB 130ms
128ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/sexual-orientation-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 231d2811716cd13a597429dcc72f7093bd737ec573ebd3eb9899aec824c88d2d

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:22 GMT
server: nginx
status: 200
etag: "5f3eb3a6-669f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26271

GET
H2 200 age-discrimination-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 35 KB
36 KB 131ms
128ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/age-discrimination-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f2acf02d9692ef5e8f71a06781930b1bffd6627b661e0e7d36e2ab107ba4d56e

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:13 GMT
server: nginx
status: 200
etag: "5f3eb39d-8d14"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 36116

GET
H2 200 pregnancy-discrimination-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 32 KB
33 KB 131ms
129ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/pregnancy-discrimination-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 83b31d65cdcb6f0ea42fcde9c446d1ded6cd0bc10fd5e80b318d26cb52229577

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:18 GMT
server: nginx
status: 200
etag: "5f3eb3a2-8157"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33111

GET
H2 200 wrongful-termination-600x399.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 33 KB
33 KB 206ms
205ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/wrongful-termination-600x399.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac54f8a93bf98a01e10d6667a0b610cbd824237e00fbb1d275da42c0ce8d52c2

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:25 GMT
server: nginx
status: 200
etag: "5f3eb3a9-8501"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 34049

GET
H2 200 hero-image.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 123 KB
124 KB 130ms
129ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/hero-image.jpg
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87e6f6d1c8ba5050b7d8705e69ce343d02e32cbf880ec5a7430e5c2555b73f94

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:53 GMT
last-modified: Thu, 20 Aug 2020 17:32:15 GMT
server: nginx
status: 200
etag: "5f3eb39f-1ed54"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 126292

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-101610172-1&cid=852857426.1599860813&jid=391987274&_u=YEDAAUABAAAAAC~&z=1209669571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 21:46:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 16ms
16ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-101610172-1&cid=852857426.1599860813&jid=391987274&_u=YEDAAUABAAAAAC~&z=1209669571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 21:46:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-reviews-200x104.png
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 15 KB
15 KB 116ms
115ms Image
image/png 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/google-reviews-200x104.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 457904786db8b4a1cc710a03ee78f0f41ca51f35e297714f6f824bbf123305e1

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:54 GMT
last-modified: Fri, 21 Aug 2020 15:14:55 GMT
server: nginx
status: 200
etag: "5f3fe4ef-3c0e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15374

GET
H2 200 new-york-law-journal-200x104.png
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 14 KB
14 KB 114ms
114ms Image
image/png 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/new-york-law-journal-200x104.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b62146b84e56998e30d99e694b145d3dd63b36bb4d5575937bbcf88d847b0b50

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:54 GMT
last-modified: Fri, 21 Aug 2020 15:14:55 GMT
server: nginx
status: 200
etag: "5f3fe4ef-38b6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14518

GET
H2 200 attorneys-one.jpg
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 89 KB
89 KB 117ms
116ms Image
image/jpeg 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/attorneys-one.jpg
Requested by: Host: josephnorins.wpengine.com
URL: https://josephnorins.wpengine.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12b2ffafe69752b3286a7b7defe07a92c93ced3ec29ecdd531f733c0ca4c4a15

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:54 GMT
last-modified: Thu, 20 Aug 2020 17:32:13 GMT
server: nginx
status: 200
etag: "5f3eb39d-1624f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 90703

GET
H2 200 super-lawyers-200x104.png
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 8 KB
8 KB 114ms
113ms Image
image/png 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/super-lawyers-200x104.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e7d9d92a75473e66f2d4746db301badd905609fe4b813720249fedd247a8a87

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:54 GMT
last-modified: Fri, 21 Aug 2020 15:14:55 GMT
server: nginx
status: 200
etag: "5f3fe4ef-2045"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8261

GET
H2 200 top-attorneys-200x104.png
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 19 KB
19 KB 116ms
115ms Image
image/png 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/top-attorneys-200x104.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8c8daae0f12e9f3c8af689741b0572e968244fd722f90d436f4ce09180f4a338

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:54 GMT
last-modified: Fri, 21 Aug 2020 15:14:56 GMT
server: nginx
status: 200
etag: "5f3fe4f0-4c36"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19510

GET
H2 200 NELA-200x104.png
josephnorins.wpengine.com/wp-content/uploads/2020/08/ 7 KB
7 KB 115ms
114ms Image
image/png 34.74.5.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://josephnorins.wpengine.com/wp-content/uploads/2020/08/NELA-200x104.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.5.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.5.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e39a34e6b45e01399dc1a328f05a15d5f23f0308708d0e9c7f891d7f258efdde

Request headers

Referer: https://josephnorins.wpengine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 21:46:54 GMT
last-modified: Fri, 21 Aug 2020 15:14:55 GMT
server: nginx
status: 200
etag: "5f3fe4ef-1b23"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6947

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wpengine.com/	1970-01-19 12:24:20	Name: _gat_UA-101610172-1 Value: 1
.wpengine.com/	1970-01-19 12:24:20	Name: _gat_gtag_UA_172354428_2 Value: 1
.wpengine.com/	1970-01-19 12:25:47	Name: _gid Value: GA1.2.682801820.1599860813
.wpengine.com/	1970-01-20 05:55:32	Name: _ga Value: GA1.2.852857426.1599860813

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://josephnorins.wpengine.com/wp-content/cache/autoptimize/js/autoptimize_5fbdad18553345c8918fa15a7e5d3f45.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://josephnorins.wpengine.com/(Line 48) Message: 2
console-api	log	URL: https://josephnorins.wpengine.com/(Line 48) Message: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1526758fa0134ffe863ec622f3ee0f5d.js.ubembed.com
assets.ubembed.com
chimpstatic.com
fonts.gstatic.com
josephnorins.wpengine.com
stats.g.doubleclick.net
www.employeejustice.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
143.204.215.116
151.101.13.131
2.17.177.117
2a00:1450:4001:814::2004
2a00:1450:4001:818::2003
2a00:1450:4001:818::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9c
34.74.5.49
077ffe0c78d4c3e2efdca0108b0caf78903c23197ec5b3625851397e494ef9c6
0dc221eec278c5828fb0da149618e296cc46fb89781759c2f4f84d908ada6fa4
12b2ffafe69752b3286a7b7defe07a92c93ced3ec29ecdd531f733c0ca4c4a15
159416eb08261d07b7fcbafed2d9ef90cafa56686c60441c02d0fe8d107dd1ae
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
231d2811716cd13a597429dcc72f7093bd737ec573ebd3eb9899aec824c88d2d
24f3e83c3c10c6ee3b5a05286c20b0b02915d3ada7e49a4f3a9c93239f14dda5
2e7d9d92a75473e66f2d4746db301badd905609fe4b813720249fedd247a8a87
32e3cd6a9b95a0ae998d208b8a8bf7d32e8c84ced9499fad77bfb9d5c2660da9
435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6
457904786db8b4a1cc710a03ee78f0f41ca51f35e297714f6f824bbf123305e1
49276f10666995b90f293e85301f4df7ee81449d11aadc54f8fb702cedca60a1
571e282f03562e53cadf6a91a2ff34c23f86500f14ac16fd6e2cc4dc49bfac3b
57e1b3230e73cd70c88cb0b61c817774c28e0c6f7359d5b5508d034d78c766d2
5b8bc02cc23ee8349c56fddb8e525b38d40824d31b1983f9e13ad06256ba1b6d
6046d72cef322586089bb162c4b5c085bb5919eb9aa6c11da2a2a6d5480d4e2e
6aa1b1167e1a5a38deb3e50aed21984cff6ebf2df86f7473f3cc5d2e96ee6638
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
780ec192e68cffe82a3657a8cdf0ba1692cfb16044f92295a6934463a5901ee5
83b31d65cdcb6f0ea42fcde9c446d1ded6cd0bc10fd5e80b318d26cb52229577
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e6f6d1c8ba5050b7d8705e69ce343d02e32cbf880ec5a7430e5c2555b73f94
8c8daae0f12e9f3c8af689741b0572e968244fd722f90d436f4ce09180f4a338
986721935d1fd8f8d1258cd5a57d2486716b8b68d44677c525f0a2398ab40bde
a4a041540a7d09d2ac013c311f9d336df379c089da403c05784cb828ec53ee24
ac54f8a93bf98a01e10d6667a0b610cbd824237e00fbb1d275da42c0ce8d52c2
b62146b84e56998e30d99e694b145d3dd63b36bb4d5575937bbcf88d847b0b50
bae8a067a2986aa95d9519acf2c3e94808cc71bb32b49d3671d45f1f152dea39
be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b
bf18a4917a0bfe9522d6be4286a59f8a76cd5e77d48df7bdffa1f96c20fda859
c4270ae98fe1d6c6aa75a9afcbcf208c1962ec800be06a38a4a910a9eac9f275
d736e07ed9995b0322deb437edf6ba4cc5ba6e8db30b905bb8e07c6ee530da6b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7
e39a34e6b45e01399dc1a328f05a15d5f23f0308708d0e9c7f891d7f258efdde
ec8e6bf957b3773127aa7fd76bae20128e006083259ac0f63cbb259dd4eece33
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2acf02d9692ef5e8f71a06781930b1bffd6627b661e0e7d36e2ab107ba4d56e
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
fa0fac557a359f50bfc44a5922a2ec5055ebf68604be764378a296ce9317f6f5
fe38c8f1056319577dd33ff3a9d7dba47c2a7edee09666f9697aafe8abac4937

josephnorins.wpengine.com Open in urlscan Pro 34.74.5.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

64 %IPv6

10 Domains

11 Subdomains

12 IPs

4 Countries

1426 kBTransfer

3574 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

josephnorins.wpengine.com Open in urlscan Pro
34.74.5.49 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

1426 kB
Transfer

3574 kB
Size

4
Cookies

40 HTTP transactions
4 data transactions