Submitted URL: https://retirementservices.ehr.com/
Effective URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Submission: On February 17 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 25 HTTP transactions. The main IP is 20.97.137.237, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is retirementservices.ehr.com.
TLS certificate: Issued by GlobalSign ECC OV SSL CA 2018 on November 4th 2023. Valid for: a year.
This is the only time retirementservices.ehr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address      AS Autonomous System
1          24        20.97.137.237   8075 (MICROSOFT...)
           2         52.179.73.59    8075 (MICROSOFT...)
Total: 25 requests, 2 IPs
Requests  Apex Domain / Subdomains                                     Transfer
24        ehr.com
            retirementservices.ehr.com                                 455 KB
2         visualstudio.com
            dc.services.visualstudio.com — Cisco Umbrella Rank: 754    204 B
Total: 25 requests, 2 apex domains
Requests  Domain                        Redirects    Requested by
24        retirementservices.ehr.com    1 redirects  retirementservices.ehr.com
2         dc.services.visualstudio.com               retirementservices.ehr.com
Total: 25 requests, 2 domains

This site contains links to these domains.

Domain
www.allaboutcookies.org
policies.google.com
Subject                             Issuer                                  Validity                   Valid
*.ehr.com                           GlobalSign ECC OV SSL CA 2018           2023-11-04 - 2024-12-05    a year
prod.ai.ingestion.msftcloudes.com   Microsoft Azure RSA TLS Issuing CA 08   2024-01-19 - 2025-01-13    a year

This page contains 1 frames:

Primary Page: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Frame ID: E8DCB25EDE13748804B6E8417632165F
Requests: 24 HTTP requests in this frame

Page Title

Sign In

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 454 kB
Size: 901 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://retirementservices.ehr.com/ HTTP 302
    https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request LogOn
retirementservices.ehr.com/Account/
Redirect Chain
  • https://retirementservices.ehr.com/
  • https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
35 KB
15 KB
Document
General
Full URL
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d9d43706dd76d89a89206b8701508ce00027f9a4fd21db48a08f9690b05c364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
no-cache, no-store
content-encoding
gzip
content-length
15001
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 00:25:25 GMT
expires
-1
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
145
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 00:25:25 GMT
location
/Account/LogOn?ReturnUrl=%2f
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Shared
retirementservices.ehr.com/Content/CSS/
234 KB
50 KB
Stylesheet
General
Full URL
https://retirementservices.ehr.com/Content/CSS/Shared?v=SyqbIBuBBEVajufRZoAMtF1vtwjLnPDngKMFddXhCwg1
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f60662583ce5d3553c474cc18e23a962a7f64a0eec653f4dc4c475eb59b4d8c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:25 GMT
date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:25 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
50805
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
Shared
retirementservices.ehr.com/Scripts/
233 KB
96 KB
Script
General
Full URL
https://retirementservices.ehr.com/Scripts/Shared?v=Jo7nBpNjM0j50JNw21UK1bHs5AFY1RRKnSBYI8F_54I1
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39506bfc9c870dcf31102297446b03101e5e1566a8569b4fe5f31bb5dfe6e868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:26 GMT
date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:26 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
CoBrowse
retirementservices.ehr.com/Content/CSS/
297 B
1009 B
Stylesheet
General
Full URL
https://retirementservices.ehr.com/Content/CSS/CoBrowse?v=mT9znNc7LnxcI9sNwlCKUXUK9686pzKmvnOgCPzDyLc1
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bf050a31de1a4827be94077b7a62ddc07b35c7b2de57f8a8fa1a665362b236b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:26 GMT
date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:26 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
256
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
CoBrowse
retirementservices.ehr.com/Scripts/
753 B
1 KB
Script
General
Full URL
https://retirementservices.ehr.com/Scripts/CoBrowse?v=GWjQM7o5QpNNd69eWofzvmBVrrKpaJGlLDJhBsXhPQA1
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
57f1f8818942de5f9f372320160611a78f5acd02e82a7601641962133263c632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:26 GMT
date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:26 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
572
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
Account
retirementservices.ehr.com/Content/CSS/
2 KB
2 KB
Stylesheet
General
Full URL
https://retirementservices.ehr.com/Content/CSS/Account?v=dnI6UCKwYY4p1mPz_qRNfBD6shc3SRRCv1XImEVob8I1
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5506130e6cdf1344632b1115780b6589c5a6b127d89017e785dc0de9830f4a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:25 GMT
date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:25 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
912
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
Account
retirementservices.ehr.com/Scripts/
5 KB
3 KB
Script
General
Full URL
https://retirementservices.ehr.com/Scripts/Account?v=yhToPXTc6ySEuazhgzrhEXtbmhCMbRT6HHbQEH0I9eI1
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0384e3d583ab498d9d6774388c4c94975593340f4897da20f7977b24e3a21535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:26 GMT
date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:26 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
1973
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
AccountB2C
retirementservices.ehr.com/Content/CSS/
12 KB
4 KB
Stylesheet
General
Full URL
https://retirementservices.ehr.com/Content/CSS/AccountB2C?v=4rSC14iOV6lTST1qZ04X34Kb5JAbZvF9V9L7rUoCEY81
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2eb0d369f64e29ed55042ade1cbd0bd58d4279caaf97e9b66f228f0d73b4623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:25 GMT
date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:25 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
3687
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
Client
retirementservices.ehr.com/Content/CSS/
7 KB
3 KB
Stylesheet
General
Full URL
https://retirementservices.ehr.com/Content/CSS/Client
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
067f8094b50c9a4df91d9574ba7cc9c4dafffcfb0f4a4cacfa96f11b98446e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sun, 16 Feb 2025 00:25:25 GMT
date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 17 Feb 2024 00:25:25 GMT
referrer-policy
strict-origin-when-cross-origin
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
1903
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-pension-tools-profileinputs.js
retirementservices.ehr.com/Client/Scripts/
1 KB
1 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-pension-tools-profileinputs.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de5eb0193fd8a231b4b0d818ca4a026a83255ae4c87ae66bc32d3dfeaf517c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:06 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"02f8d49c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
592
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-pension-tools-estimate.js
retirementservices.ehr.com/Client/Scripts/
2 KB
1 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-pension-tools-estimate.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
84493246a476f66e8231ad35bbb2713b3123b2d32063315e08f88a37e87c8541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:06 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"02f8d49c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
722
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-pension-tools-savings.js
retirementservices.ehr.com/Client/Scripts/
8 KB
3 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-pension-tools-savings.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae1c953dc2f5c35c303dcd8540704cbb3c7a20b248ea1327fba5fd72ddc556a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:06 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"02f8d49c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2289
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-paymentformgroups-election.js
retirementservices.ehr.com/Client/Scripts/
3 KB
2 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-paymentformgroups-election.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca1ec350174d753809f6beec0d7007e1fb238501f5936d4da236ff7bf10ff7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:04 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"025c48c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1146
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-retireonline-begin.js
retirementservices.ehr.com/Client/Scripts/
5 KB
2 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-retireonline-begin.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b8e565abbf3cf650e4f212422f5bdcd8afb30c43e097c515397acce6f8585df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:06 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"02f8d49c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1753
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-retireonline-paymentoptions.js
retirementservices.ehr.com/Client/Scripts/
2 KB
1 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-retireonline-paymentoptions.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f31edd4713febc6a6439673e8ee33af9def8cad97751b2dd3bcd588a44b2348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:06 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"02f8d49c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
713
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
tmobile-payments-disbursement.js
retirementservices.ehr.com/Client/Scripts/
7 KB
2 KB
Script
General
Full URL
https://retirementservices.ehr.com/Client/Scripts/tmobile-payments-disbursement.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e90e4548c5db8d0d754b18b950cf5d80665ba8c82c1b7d81a510082497da2885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 04:44:06 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"02f8d49c954da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1759
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
applicationinsights.sdk.js
retirementservices.ehr.com/Scripts/
138 KB
54 KB
Script
General
Full URL
https://retirementservices.ehr.com/Scripts/applicationinsights.sdk.js
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8c58133dea2aca60947e74b699f79a5d518d9209e506a82f995accccb1a2a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://retirementservices.ehr.com/Account/LogOn?ReturnUrl=%2f
Origin
https://retirementservices.ehr.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 07 Oct 2021 21:14:34 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"0198453c0bbd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
54665
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
logo-50_n.png
retirementservices.ehr.com/Client/Images/
1 KB
2 KB
Image
General
Full URL
https://retirementservices.ehr.com/Client/Images/logo-50_n.png
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Content/CSS/Client
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74bb5af70858a0979d9e01687eda04f1979996cbf72676576f7ec1f6dedf7ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Content/CSS/Client
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Feb 2024 04:44:04 GMT
etag
"025c48c954da1:0"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1270
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
img_sunsetbeach.jpg
retirementservices.ehr.com/Client/images/
62 KB
62 KB
Image
General
Full URL
https://retirementservices.ehr.com/Client/images/img_sunsetbeach.jpg
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Content/CSS/Client
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f34a53dac5439240c0f9bab9368d529575f275f6822de17cecdffa7f4c450db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Content/CSS/Client
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Feb 2024 04:44:04 GMT
etag
"025c48c954da1:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
63017
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
op_830x125.jpg
retirementservices.ehr.com/Content/Images/
123 KB
124 KB
Image
General
Full URL
https://retirementservices.ehr.com/Content/Images/op_830x125.jpg
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Content/CSS/AccountB2C?v=4rSC14iOV6lTST1qZ04X34Kb5JAbZvF9V9L7rUoCEY81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5710b217a3874c260f7a29a8b99105c21d74c018c3dbed508f3e652853daba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Content/CSS/AccountB2C?v=4rSC14iOV6lTST1qZ04X34Kb5JAbZvF9V9L7rUoCEY81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Oct 2021 21:14:34 GMT
etag
"0198453c0bbd71:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
126372
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
btn-arr-alt.png
retirementservices.ehr.com/Client/Images/
289 B
977 B
Image
General
Full URL
https://retirementservices.ehr.com/Client/Images/btn-arr-alt.png
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Content/CSS/Client
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8dc040dab43544c8bc5ddcb1ffa808765eee7db41cbc63474cd9b7d9881b8597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Content/CSS/Client
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Feb 2024 04:44:04 GMT
etag
"025c48c954da1:0"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
289
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
phone.svg
retirementservices.ehr.com/Content/Images/svg/
2 KB
3 KB
Image
General
Full URL
https://retirementservices.ehr.com/Content/Images/svg/phone.svg
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Content/CSS/Shared?v=SyqbIBuBBEVajufRZoAMtF1vtwjLnPDngKMFddXhCwg1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13e2c61b7474f72f1521c1fecc1952aafc6262f3d268d3382fac9ce3582c72d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://retirementservices.ehr.com/Content/CSS/Shared?v=SyqbIBuBBEVajufRZoAMtF1vtwjLnPDngKMFddXhCwg1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Oct 2021 21:14:34 GMT
etag
"0198453c0bbd71:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2059
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
glyphicons-halflings-regular.woff2
retirementservices.ehr.com/Content/fonts/
18 KB
18 KB
Font
General
Full URL
https://retirementservices.ehr.com/Content/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Content/CSS/Shared?v=SyqbIBuBBEVajufRZoAMtF1vtwjLnPDngKMFddXhCwg1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.97.137.237 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://retirementservices.ehr.com/Content/CSS/Shared?v=SyqbIBuBBEVajufRZoAMtF1vtwjLnPDngKMFddXhCwg1
Origin
https://retirementservices.ehr.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Oct 2021 21:14:34 GMT
etag
"0198453c0bbd71:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-expose-headers
Request-Context
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
18028
request-context
appId=cid-v1:86db171e-55df-4443-981b-8e7ff6aff08d
track
dc.services.visualstudio.com/v2/
96 B
204 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: retirementservices.ehr.com
URL: https://retirementservices.ehr.com/Scripts/applicationinsights.sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.59 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
8314bd9ed3b241d0e8e55a10687c9d7a0e42198b6f5bd82bc052ffa68ffb1637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://retirementservices.ehr.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 00:25:26 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
96
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.59 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://retirementservices.ehr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sat, 17 Feb 2024 00:25:26 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| telemetryInitializer
object| appInsights
string| localizedDateFormat
string| cultureCode
boolean| isMobile
function| InitializeBootstrapPopovers
function| InitializePrintButtons
function| InitializeAjaxBeforeSend
function| InitializeTimeOut
function| RefreshTicket
function| InitializeForms
function| resetTimeOut
function| InitializeOpenNewWindow
function| InitializeVideos
function| EqualizeHeights
function| escapeRegExp
function| parseDate
function| getParams
function| getQueryParams
function| RefreshAlertsTab
function| ToggleAddressState
function| OpenUrl
function| InitializeBootstrapCarousels
function| InitializeBootstrapModals
function| InitializeBootstrapTabs
function| InitializeNavigationTabs
function| CenterBootstrapModals
function| InitializeCollapsiblePanelStack
function| initializeSiteNavigation
function| setNavigationTabMenuOffset
function| setNavigationTabMenuWidth
function| getCombinedWidth
object| BC
function| $
function| jQuery
function| Inputmask
function| removeLiveLookClickHandler
object| Tmobile
undefined| setupFakeRadioButtons_BASE
function| customscreendisplay
object| e
function| t
object| Microsoft

4 Cookies

Domain/Path Name / Value
retirementservices.ehr.com/ Name: TMobile__SessionId
Value: c005ce87-922e-45e4-bb83-851f43967c7f
retirementservices.ehr.com/ Name: __RequestVerificationToken
Value: enOlZz3l_6fv1EFJjf3itB47mZ1-Nb_7U3vbPJAFMyy4uVe3gsv-nq8DazzdlPBokbqLOJ0sJnaXoA0g653WG121HaAT_BO_hl94USpmJBU1
retirementservices.ehr.com/ Name: ai_user
Value: 4vCctyUXPU8VGWQoIiErMo|2024-02-17T00:25:26.366Z
retirementservices.ehr.com/ Name: ai_session
Value: ypP8ADklHaMC6RpiaAkphi|1708129526480|1708129526480

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dc.services.visualstudio.com
retirementservices.ehr.com
20.97.137.237
52.179.73.59