urlscan.io logo urlscan.io
SecurityTrails logo

www.federalemployeeretirement.net Open in urlscan Pro
2607:f1c0:100f:f000::2b8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rhqbxz5ab.cc.rs6.net/tn.jsp?f=001gqhhejBiy7I3wVneIQDphfhUZClsV_4xLjjQldcVTkh2LuO6AHt1yLOtg4Zq_IqvsrjzcIx6sMfs1014vjMf...
Effective URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Submission Tags: falconsandbox
Submission: On November 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2607:f1c0:100f:f000::2b8, located in United States and belongs to . The main domain is www.federalemployeeretirement.net.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on February 21st 2024. Valid for: a year.
This is the only time www.federalemployeeretirement.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains		 Transfer
9 federalemployeeretirement.net
www.federalemployeeretirement.net
217 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
3 KB
1 rs6.net
rhqbxz5ab.cc.rs6.net
386 B
11 4
Domain Requested by
9 www.federalemployeeretirement.net www.federalemployeeretirement.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.federalemployeeretirement.net
1 rhqbxz5ab.cc.rs6.net 1 redirects
11 4

This site contains no links.

Subject Issuer Validity Valid
www.federalemployeeretirement.net
GeoTrust TLS RSA CA G1		 2024-02-21 -
2025-03-07		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Frame ID: 4CEB8D60367F8393433ECC061B8B2079
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Federal Employee Whitepaper Request Form

Page URL History Show full URLs

  1. https://rhqbxz5ab.cc.rs6.net/tn.jsp?f=001gqhhejBiy7I3wVneIQDphfhUZClsV_4xLjjQldcVTkh2LuO6AHt1yLOtg4Zq_Iqv... HTTP 302
    https://www.federalemployeeretirement.net/machform/view.php?id=32652 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

268 kB
Transfer

350 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rhqbxz5ab.cc.rs6.net/tn.jsp?f=001gqhhejBiy7I3wVneIQDphfhUZClsV_4xLjjQldcVTkh2LuO6AHt1yLOtg4Zq_IqvsrjzcIx6sMfs1014vjMfLgRPBLCCTDtSrfsgB2NudUSrjyK5J7oTLOhpMnrgBzU3OKNOWzEf0toilrJTsssqj1kaS4oqmKrZjItmWXb9egGITLvToHpl-POztzYCyI3qjMNVQ_clnREf3yDHd0XkUAzmWlIZn62j&c=8yQ2hfoEaumWualhnvmvKaZLzCVClLog4_KQRLlyta1w_CwoBhzFdw%3D%3D&ch=kFcJ4nEVyq1401pJ6cRqLEd8dIEQlkED0k28KZc2xjSbc3OrWDsNhw%3D%3D HTTP 302
    https://www.federalemployeeretirement.net/machform/view.php?id=32652 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request view.php
www.federalemployeeretirement.net/machform/
Redirect Chain
  • https://rhqbxz5ab.cc.rs6.net/tn.jsp?f=001gqhhejBiy7I3wVneIQDphfhUZClsV_4xLjjQldcVTkh2LuO6AHt1yLOtg4Zq_IqvsrjzcIx6sMfs1014vjMfLgRPBLCCTDtSrfsgB2NudUSrjyK5J7oTLOhpMnrgBzU3OKNOWzEf0toilrJTsssqj1kaS4oq...
  • https://www.federalemployeeretirement.net/machform/view.php?id=32652
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7431ac4965ec69bbc9a23062487d36647a4e357998bfbe255854455e3508463f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Nov 2024 18:49:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 13 Nov 2024 18:49:44 GMT
Location
https://www.federalemployeeretirement.net/machform/view.php?id=32652
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
view.css
www.federalemployeeretirement.net/machform/data/form_32652/css/ 		50 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/data/form_32652/css/view.css
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
237dc9a69be540bad19a1af0258a492ba1165324a46ba4786e53d45deb92966a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

accept-ranges
bytes
content-length
51448
date
Wed, 13 Nov 2024 18:49:45 GMT
etag
"c8f8-621b13a4f4048"
content-type
text/css
last-modified
Mon, 09 Sep 2024 15:15:31 GMT
server
Apache
view.mobile.css
www.federalemployeeretirement.net/machform/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/view.mobile.css
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
a103e1db020ba5dd2af0baa79748dd8c3f9265d4f3d110d83314cee8140e7754

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

accept-ranges
bytes
content-length
8690
date
Wed, 13 Nov 2024 18:49:45 GMT
etag
"21f2-5d60bc624d50d"
content-type
text/css
last-modified
Thu, 20 Jan 2022 23:22:20 GMT
server
Apache
css_theme.php
www.federalemployeeretirement.net/machform/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/css_theme.php?theme_id=2
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
dd5e6dd15cfe1a0b051f73eca0c03b83cd76140383101a1dcb5c2195a1cfdfe4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
date
Wed, 13 Nov 2024 18:49:45 GMT
pragma
no-cache
content-type
text/css;charset=UTF-8
server
Apache
css
fonts.googleapis.com/ 		83 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Ubuntu:300,300italic,regular,italic,500,500italic,700,700italic
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
758ccce0a5dd771051414d2371f4efbc282d3e473daa0b69104de703c18309bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 18:49:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 18:49:45 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 13 Nov 2024 18:49:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
www.federalemployeeretirement.net/machform/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/js/jquery.min.js
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

accept-ranges
bytes
content-length
89476
date
Wed, 13 Nov 2024 18:49:45 GMT
etag
"15d84-5d60be062ace1"
content-type
text/javascript
last-modified
Thu, 20 Jan 2022 23:29:41 GMT
server
Apache
effect.js
www.federalemployeeretirement.net/machform/js/jquery-ui-1.12/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/js/jquery-ui-1.12/effect.js
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
01a98d8f1c110708e03c959cab5ed0bfae07cb4c6fbde366ddddac1ca71eee4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

accept-ranges
bytes
content-length
40997
date
Wed, 13 Nov 2024 18:49:45 GMT
etag
"a025-5d60be4ac0c38"
content-type
text/javascript
last-modified
Thu, 20 Jan 2022 23:30:53 GMT
server
Apache
view.js
www.federalemployeeretirement.net/machform/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/machform/view.js
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/view.php?id=32652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
bc4852f6a3956afbd3ee6b8eecb9e3c4a81bbb1bf493af5f2d69abc57d36b68e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

accept-ranges
bytes
content-length
23523
date
Wed, 13 Nov 2024 18:49:45 GMT
etag
"5be3-5d60bcb201087"
content-type
text/javascript
last-modified
Thu, 20 Jan 2022 23:23:44 GMT
server
Apache
machform.png
www.federalemployeeretirement.net/machform/images/form_resources/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.federalemployeeretirement.net/machform/images/form_resources/machform.png
Requested by
Host: www.federalemployeeretirement.net
URL: https://www.federalemployeeretirement.net/machform/css_theme.php?theme_id=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
c93d16c41461795eb205a1c08bd089ac97842f4aa8924e7e7b699274b52957fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/css_theme.php?theme_id=2

Response headers

accept-ranges
bytes
content-length
1999
date
Wed, 13 Nov 2024 18:49:45 GMT
etag
"7cf-5d60be1675c8d"
content-type
image/png
last-modified
Thu, 20 Jan 2022 23:29:58 GMT
server
Apache
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Ubuntu:300,300italic,regular,italic,500,500italic,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.federalemployeeretirement.net
Referer
https://fonts.googleapis.com/

Response headers

age
12084
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:28:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:28:21 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
favicon.ico
www.federalemployeeretirement.net/ 		0
80 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.federalemployeeretirement.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2b8 , United States, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.federalemployeeretirement.net/machform/view.php?id=32652

Response headers

date
Wed, 13 Nov 2024 18:49:46 GMT
content-type
image/vnd.microsoft.icon
server
Apache

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| calculate_total_payment function| select_date function| select_europe_date function| remove_attachment function| check_upload_queue function| upload_all_files function| is_support_html5_uploader function| count_input function| limit_input function| clear_cb_other function| refresh_signature function| clear_signature function| switch_signature_type

2 Cookies

Domain/Path Name / Value
www.federalemployeeretirement.net/ Name: PHPSESSID
Value: 2a4d7a8c68be6e666f8ca67131f8db5f
www.federalemployeeretirement.net/ Name: mf_has_cookie
Value: 1