Submitted URL: http://secure-web.cisco.com/1EIhqmgYHn0SP5dvePXgoO60Rqnko4rR5GUtq6Z8y_iyocdHfw1rVp1dWmMqfhXAJjPMK79faiH_NOpQ4RmB2KUKUy_4zDDF...
Effective URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Submission: On March 22 via manual from US

Summary

This website contacted 22 IPs in 4 countries across 22 domains to perform 103 HTTP transactions. The main IP is 77.104.138.160, located in Bulgaria and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is www.grcts.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 16th 2019. Valid for: 3 months.
This is the only time www.grcts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:101:2002... 16417 (IRONPORT-...)
1 1 13.111.18.12 22606 (EXACT-7)
38 77.104.138.160 32475 (SINGLEHOP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:204... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2.23.104.167 16625 (AKAMAI-AS)
26 2.18.232.222 16625 (AKAMAI-AS)
1 52.218.208.240 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 74.86.208.240 36351 (SOFTLAYER)
6 74.86.208.241 36351 (SOFTLAYER)
3 2a03:2880:f00... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
1 2.18.232.15 16625 (AKAMAI-AS)
1 104.244.42.72 13414 (TWITTER)
1 2a03:2880:f10... 32934 (FACEBOOK)
103 22
Domain Requested by
35 www.grcts.com www.grcts.com
s7.addthis.com
14 www.paypal.com www.paypalobjects.com
srcdoc
www.grcts.com
12 www.paypalobjects.com www.grcts.com
srcdoc
6 s7.mylivechat.com www.grcts.com
s7.mylivechat.com
4 platform.twitter.com s7.addthis.com
platform.twitter.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.grcts.com
4 pagead2.googlesyndication.com www.grcts.com
pagead2.googlesyndication.com
3 fonts.gstatic.com s7.addthis.com
www.grcts.com
3 grcts.com www.grcts.com
2 connect.facebook.net s7.addthis.com
connect.facebook.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 s7.addthis.com www.grcts.com
s7.addthis.com
1 www.facebook.com connect.facebook.net
1 syndication.twitter.com www.grcts.com
1 staticxx.facebook.com connect.facebook.net
1 api-public.addthis.com s7.addthis.com
1 m.addthisedge.com s7.addthis.com
1 mylivechat.com 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.google.de www.grcts.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 s3-us-west-2.amazonaws.com www.grcts.com
1 www.googletagmanager.com www.grcts.com
1 cdn.ywxi.net www.grcts.com
1 fonts.googleapis.com www.grcts.com
1 click.learn.webinarsection.com 1 redirects
1 secure-web.cisco.com 1 redirects
103 30

This site contains no links.

Subject Issuer Validity Valid
grcts.com
Let's Encrypt Authority X3
2019-03-16 -
2019-06-14
3 months crt.sh
*.googleapis.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.ywxi.net
Amazon
2018-09-14 -
2019-10-14
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA
2018-05-06 -
2019-08-05
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2018-08-14 -
2020-08-18
2 years crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-08 -
2019-11-06
a year crt.sh
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
www.google.de
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.mylivechat.com
Go Daddy Secure Certificate Authority - G2
2018-10-30 -
2020-11-02
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-03-08 -
2019-06-06
3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-11-27
a year crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA
2019-01-24 -
2020-01-24
a year crt.sh

This page contains 12 frames:

Primary Page: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Frame ID: 6DC40F3221A6DEE6F5561FAAA6ECCA50
Requests: 86 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Frame ID: D9BC9C03FB919A9B02DA7127304288F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/zrt_lookup.html
Frame ID: 9767CA744B89963061A31AFFA1D526C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1708566510127945&output=html&adk=1812271804&adf=3025194257&lmt=1553256142&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%3FSF&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1553256142126&bpp=30&bdt=610&fdt=100&idt=99&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6915143433800&frm=20&pv=2&ga_vid=1631152077.1553256142&ga_sid=1553256142&ga_hid=284534105&ga_fc=0&iag=0&icsg=35201550957068&dssz=31&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=2285879327&ifi=0&uci=0.5o4xmkpxt4rn&fsb=1&dtd=115
Frame ID: E33D9EB49707E9BFDCACA835C5A84CBF
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/ppc_wh_pri.svg
Frame ID: 7F1D000568768EAC31F32A9E2C51741D
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.grcts.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 8E1C729B07F522C39FFB881D6B8F01E1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Frame ID: F8CBC5C422245B8E60E787E73F5DD23D
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/ppc_wh_pri.svg
Frame ID: 8C92CC89FAECE2505A54A8E31A734424
Requests: 4 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 1EBD87E815727D0C6D57EECECD7821AB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df22080ed8f27e78%26domain%3Dwww.grcts.com%26origin%3Dhttps%253A%252F%252Fwww.grcts.com%252Ff1d77a3329b02a%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
Frame ID: 46F8D3FEDD4CC3A996AABE86A7973E7E
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/4f2/254d5e59a340c945245ca83c45305/js/xhr-ads.min.js
Frame ID: 3B952F32C4E77A9EC38CE2B7034B8490
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/4f2/254d5e59a340c945245ca83c45305/js/xhr-ads.min.js
Frame ID: EFB1B187F631F78C5F4FB7115CB161DB
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://secure-web.cisco.com/1EIhqmgYHn0SP5dvePXgoO60Rqnko4rR5GUtq6Z8y_iyocdHfw1rVp1dWmMqfhXAJjPMK79faiH_... HTTP 302
    http://click.learn.webinarsection.com/?qs=23b263dd17dbc6241c9f066059cfb8bbe55d520b5c7aae93c554ae464681eb902b4e146c... HTTP 302
    https://www.grcts.com/Transportation-Fringe-Benefits?SF Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^PAYPAL$/i

Overall confidence: 100%
Detected patterns
  • env /^addthis/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /moment(?:\.min)?\.js/i
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

103
Requests

100 %
HTTPS

65 %
IPv6

22
Domains

30
Subdomains

22
IPs

4
Countries

2144 kB
Transfer

5054 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure-web.cisco.com/1EIhqmgYHn0SP5dvePXgoO60Rqnko4rR5GUtq6Z8y_iyocdHfw1rVp1dWmMqfhXAJjPMK79faiH_NOpQ4RmB2KUKUy_4zDDFlQwKVKvCPnD8Yo8qGWDop2fsQoiGmZbi7NzoKMVZj9gYGBub7aOjSLDwZN5WZnDTFyxt4GPvyR_t_ojDZuePYZHgQyclqkIEs5Ht5HkZ4fa5yf1tcEs_3-7T53NNzed7kvKh5oEjQNWp9qX5VXmkjSFxbaA40j2iyW1Dk2zO5nNgbQhWJsI7lT_zp_fP-c7LA7CAOcna3xN7gyL_-ro4i7o_eMuAH7LFdyA5DRAlE12JvDHvuoO02UTpXfnlUAFMmLm47-0d5xlQQiuw0f4gascgqyM__MnxVRpxMHMldTIQ0zOtLXcwe-9tRrPsSAVxSIrKxvh7N1pTYmp4Rd25q5hKaq4-37kct8dxN_9PR_tr1w-WpsIHwPc7-iEHxxMzOphbv1fvb9F3wC-INVimXIsnAyIO9VeCQ/http%3A%2F%2Fclick.learn.webinarsection.com%2F%3Fqs%3D23b263dd17dbc6241c9f066059cfb8bbe55d520b5c7aae93c554ae464681eb902b4e146c38a32bd2d56f62df1f473bc96c4705b69374ed73 HTTP 302
    http://click.learn.webinarsection.com/?qs=23b263dd17dbc6241c9f066059cfb8bbe55d520b5c7aae93c554ae464681eb902b4e146c38a32bd2d56f62df1f473bc96c4705b69374ed73 HTTP 302
    https://www.grcts.com/Transportation-Fringe-Benefits?SF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=284534105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%3FSF&ul=en-us&de=UTF-8&dt=Detailing%20Transportation%20Fringe%20Benefits%20-%20HRCI%20%26%20SHRM%20Accredited&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1388265770&gjid=791033818&cid=1631152077.1553256142&tid=UA-105189975-1&_gid=1568265706.1553256142&_r=1&gtm=2ou3b2&z=1567495260 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_gid=1568265706.1553256142&gjid=791033818&_v=j73&z=1567495260 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_v=j73&z=1567495260 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_v=j73&z=1567495260&slf_rd=1&random=3071194292
Request Chain 63
  • https://mylivechat.com/chatinline.aspx?hccid=58874850 HTTP 302
  • https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Transportation-Fringe-Benefits
www.grcts.com/
Redirect Chain
  • http://secure-web.cisco.com/1EIhqmgYHn0SP5dvePXgoO60Rqnko4rR5GUtq6Z8y_iyocdHfw1rVp1dWmMqfhXAJjPMK79faiH_NOpQ4RmB2KUKUy_4zDDFlQwKVKvCPnD8Yo8qGWDop2fsQoiGmZbi7NzoKMVZj9gYGBub7aOjSLDwZN5WZnDTFyxt4GPvy...
  • http://click.learn.webinarsection.com/?qs=23b263dd17dbc6241c9f066059cfb8bbe55d520b5c7aae93c554ae464681eb902b4e146c38a32bd2d56f62df1f473bc96c4705b69374ed73
  • https://www.grcts.com/Transportation-Fringe-Benefits?SF
130 KB
21 KB
Document
General
Full URL
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
f15631a101c7206ffc4842d9aefea372119b8c54d4a2c2c0db98577ff2db7a20

Request headers

:method
GET
:authority
www.grcts.com
:scheme
https
:path
/Transportation-Fringe-Benefits?SF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 22 Mar 2019 12:02:21 GMT
content-type
text/html; charset=utf-8
content-length
21358
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; path=/; HttpOnly language=en; expires=Sun, 21-Apr-2019 12:02:21 GMT; Max-Age=2592000; path=/; domain=www.grcts.com currency=USD; expires=Sun, 21-Apr-2019 12:02:21 GMT; Max-Age=2592000; path=/; domain=www.grcts.com
vary
Accept-Encoding,User-Agent
content-encoding
gzip
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
alt-svc
quic=":443"; ma=86400; v="43,39"

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Date
Fri, 22 Mar 2019 12:02:20 GMT
X-Cnection
close
Content-Length
172
jquery-2.1.1.min.js
www.grcts.com/catalog/view/javascript/jquery/
82 KB
29 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

:path
/catalog/view/javascript/jquery/jquery-2.1.1.min.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
29497
x-proxy-cache
MISS
bootstrap.min.css
www.grcts.com/catalog/view/javascript/bootstrap/css/
120 KB
20 KB
Stylesheet
General
Full URL
https://www.grcts.com/catalog/view/javascript/bootstrap/css/bootstrap.min.css
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
b7e87ce463ff2354d97ad898b8b306c485d4fcbafe5c512b930fcef1ca1bcb69

Request headers

:path
/catalog/view/javascript/bootstrap/css/bootstrap.min.css
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2016 18:30:21 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
expires
Sun, 21 Apr 2019 12:02:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
19873
x-proxy-cache
MISS
bootstrap.min.js
www.grcts.com/catalog/view/javascript/bootstrap/js/
36 KB
10 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

:path
/catalog/view/javascript/bootstrap/js/bootstrap.min.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
etag
"8fd0-5216fffd83840-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
9745
x-proxy-cache
MISS
font-awesome.min.css
www.grcts.com/catalog/view/javascript/font-awesome/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://www.grcts.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

:path
/catalog/view/javascript/font-awesome/css/font-awesome.min.css
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
expires
Sun, 21 Apr 2019 12:02:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
6081
x-proxy-cache
MISS
css
fonts.googleapis.com/
9 KB
827 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
666998ff75769eedee58f18e3bad5db4d96124126e179ec5910f371c00e41b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 22 Mar 2019 12:02:21 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 22 Mar 2019 12:02:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2019 12:02:21 GMT
stylesheet.css
www.grcts.com/catalog/view/theme/default/stylesheet/
37 KB
9 KB
Stylesheet
General
Full URL
https://www.grcts.com/catalog/view/theme/default/stylesheet/stylesheet.css?version=3.5.7
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
25f26a54649ee5f6e81451b77ce8299153ce04f2a899377c1a0bddf92250c0f8

Request headers

:path
/catalog/view/theme/default/stylesheet/stylesheet.css?version=3.5.7
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Thu, 07 Feb 2019 14:23:32 GMT
server
nginx
etag
"94ad-5814e964de730-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
expires
Sun, 21 Apr 2019 12:02:21 GMT
cache-control
max-age=2592000
host-header
192fc2e7e50945beb8231a492d6a8024
alt-svc
quic=":443"; ma=86400; v="43,39"
x-proxy-cache
MISS
magnific-popup.css
www.grcts.com/catalog/view/javascript/jquery/magnific/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.grcts.com/catalog/view/javascript/jquery/magnific/magnific-popup.css
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b

Request headers

:path
/catalog/view/javascript/jquery/magnific/magnific-popup.css
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
expires
Sun, 21 Apr 2019 12:02:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
1924
x-proxy-cache
MISS
social_icons.css
www.grcts.com/catalog/view/theme/default/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.grcts.com/catalog/view/theme/default/css/social_icons.css
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
13dbfdf300dc2a4a5f050c84c87a1c360ead9fb708715a4df026c14ada4c24d7

Request headers

:path
/catalog/view/theme/default/css/social_icons.css
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2016 18:09:54 GMT
server
nginx
etag
"10f4-5416efad4a080-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
expires
Sun, 21 Apr 2019 12:02:21 GMT
cache-control
max-age=2592000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
808
x-proxy-cache
MISS
bootstrap-datetimepicker.min.css
www.grcts.com/catalog/view/javascript/jquery/datetimepicker/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.grcts.com/catalog/view/javascript/jquery/datetimepicker/bootstrap-datetimepicker.min.css
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

:path
/catalog/view/javascript/jquery/datetimepicker/bootstrap-datetimepicker.min.css
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
etag
"13c2-5216fffd83840-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
expires
Sun, 21 Apr 2019 12:02:21 GMT
cache-control
max-age=2592000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
1074
x-proxy-cache
MISS
common.js
www.grcts.com/catalog/view/javascript/
13 KB
3 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/common.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
4069a7285cbc5cdc3682a6dd52cd673ce3957603cef1b0a4b39b86a78ce2c115

Request headers

:path
/catalog/view/javascript/common.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
3002
x-proxy-cache
MISS
functions.js
www.grcts.com/catalog/view/javascript/
2 KB
1 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/functions.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
4b4e4315d1362de5b58e49405ff8f628033b225bf52d67b6a5d7ab47410408f8

Request headers

:path
/catalog/view/javascript/functions.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Fri, 01 Jan 2016 18:28:20 GMT
server
nginx
etag
"815-52849ef88d900-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
740
x-proxy-cache
MISS
jquery.magnific-popup.min.js
www.grcts.com/catalog/view/javascript/jquery/magnific/
20 KB
8 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/jquery/magnific/jquery.magnific-popup.min.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
c6743217c9b525646d77f69bfb8cae859c8191ec933c8f5cae459a338b00fd2b

Request headers

:path
/catalog/view/javascript/jquery/magnific/jquery.magnific-popup.min.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
7564
x-proxy-cache
MISS
moment.js
www.grcts.com/catalog/view/javascript/jquery/datetimepicker/
91 KB
21 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/jquery/datetimepicker/moment.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
c971da8733003f78cd8a2f8436a7c8bdda056e97411ab2c13f6dabec82c2828a

Request headers

:path
/catalog/view/javascript/jquery/datetimepicker/moment.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
21493
x-proxy-cache
MISS
bootstrap-datetimepicker.min.js
www.grcts.com/catalog/view/javascript/jquery/datetimepicker/
23 KB
7 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/jquery/datetimepicker/bootstrap-datetimepicker.min.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

:path
/catalog/view/javascript/jquery/datetimepicker/bootstrap-datetimepicker.min.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
etag
"5a28-5216fffd83840-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
6409
x-proxy-cache
MISS
1.js
cdn.ywxi.net/js/
8 KB
3 KB
Script
General
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:ba00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
eb06999d8d5e22641673bb9360064eea8cc3e73a0b3bd96a3a5810da72b5d4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 11:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
age
1890
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
status
200
x-xss-protection
1; mode=block
content-length
2802
via
1.1 d76fac2b5a2f460a1cbffb76189f59ef.cloudfront.net (CloudFront)
x-amz-cf-id
fEt9m_ArGt4SZZZDo6Sg-ViTJoLZeMw6MU4jzeb038Z5q_iO2jl5oA==
expires
Fri, 22 Mar 2019 12:30:51 GMT
js
www.googletagmanager.com/gtag/
63 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105189975-1
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
73f99c8dfbdfc6b193da888cd534f8c8e3ade54626a96e1f98f0b3377c0d26b7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
br
last-modified
Thu, 21 Mar 2019 18:08:06 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24361
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2019 12:02:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
83 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6effc91c428a60d6940820dc4d8dacc769dbb1408ef3c8e70abcc4b9a4b6b68e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
31788
x-xss-protection
1; mode=block
server
cafe
etag
4107412348025197898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Mar 2019 12:02:21 GMT
Final%20Logo%20Small.png
www.grcts.com/image/catalog/
7 KB
7 KB
Image
General
Full URL
https://www.grcts.com/image/catalog/Final%20Logo%20Small.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
43128d520fe9a1d9ad7d08eac141ee8895eef8842bae155a90fb2e31eba5e147

Request headers

:path
/image/catalog/Final%20Logo%20Small.png
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Thu, 21 Sep 2017 17:29:51 GMT
server
nginx
etag
"1a70-559b67090a1c0"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
6768
x-proxy-cache
MISS
Vicki-74x74.png
www.grcts.com/image/cache/catalog/
8 KB
8 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Vicki-74x74.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
e36177db116e562e80af6d0775e1c22e4f594fbab44eee744f4becb914d3ac48

Request headers

:path
/image/cache/catalog/Vicki-74x74.png
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Mon, 12 Feb 2018 11:43:44 GMT
server
nginx
etag
"1f90-5650263e75c00"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
8080
x-proxy-cache
MISS
refer.jpg
www.grcts.com/image/
4 KB
4 KB
Image
General
Full URL
https://www.grcts.com/image/refer.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
0e83403c279067a2e6cf6d83dfc3df7f5f7968a1a9aaa6c015874e8e9e77aea8

Request headers

:path
/image/refer.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Sat, 30 Jan 2016 17:59:46 GMT
server
nginx
etag
"e26-52a90eac52880"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
3622
x-proxy-cache
MISS
hrci_ap_preapprovedseal_2018.png
grcts.com/image/
144 KB
144 KB
Image
General
Full URL
https://grcts.com/image/hrci_ap_preapprovedseal_2018.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
321575a4bb916ac6ce2f5411f36b8a07c3c92514690b8546e9fd166b0617f6bd

Request headers

:path
/image/hrci_ap_preapprovedseal_2018.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
last-modified
Sat, 10 Feb 2018 03:09:38 GMT
server
nginx
etag
"23e9f-564d2f9a80080"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:22 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
147103
x-proxy-cache
MISS
SHRM_2018_CMYK.jpg
grcts.com/image/
650 KB
651 KB
Image
General
Full URL
https://grcts.com/image/SHRM_2018_CMYK.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
8229035e74d41d0082fef092bc6578af85b36e394493619ede9e0c014001664a

Request headers

:path
/image/SHRM_2018_CMYK.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
last-modified
Wed, 18 Jul 2018 17:46:24 GMT
server
nginx
etag
"a2721-57149a42fe96a"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:22 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
665377
x-proxy-cache
MISS
addthis_widget.js
s7.addthis.com/js/300/
344 KB
110 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-23-104-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
etag
"5c77f111-561d6"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
Hampton%20Photo-80x80.png
www.grcts.com/image/cache/catalog/
10 KB
10 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Hampton%20Photo-80x80.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
2e4a71ff3717cfe7cb963dba665095fa1686dba27c472266d8ead230a467bcf9

Request headers

:path
/image/cache/catalog/Hampton%20Photo-80x80.png
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Mon, 12 Feb 2018 09:16:03 GMT
server
nginx
etag
"2827-5650053bf3ac0"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
10279
x-proxy-cache
MISS
Vicki-80x80.png
www.grcts.com/image/cache/catalog/
9 KB
9 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Vicki-80x80.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
e57825cac153eeca0e0f28fa41b54211b18dcd0a1b1c29a89cb5bcc22f17506f

Request headers

:path
/image/cache/catalog/Vicki-80x80.png
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Mon, 12 Feb 2018 09:16:03 GMT
server
nginx
etag
"2436-5650053bf3ac0"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
9270
x-proxy-cache
MISS
Exempt%20Employees-80x80.jpg
www.grcts.com/image/cache/catalog/
4 KB
4 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Exempt%20Employees-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
b8b87ec7c520653cf79f67b55a45a57a74061f3387d9ce333e5f83ba4b3aef0c

Request headers

:path
/image/cache/catalog/Exempt%20Employees-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Thu, 12 Jul 2018 15:30:01 GMT
server
nginx
etag
"eae-570cf0967ea19"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
3758
x-proxy-cache
MISS
IRS-80x80.jpg
www.grcts.com/image/cache/catalog/
3 KB
4 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/IRS-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
6cd20a4ddeb3d40bdd6984593c0a64413704381218d072900578ce5521e825a2

Request headers

:path
/image/cache/catalog/IRS-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Thu, 26 Jul 2018 15:56:26 GMT
server
nginx
etag
"d4c-571e9099f8c8d"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
3404
x-proxy-cache
MISS
Margie%20Faulk%20Pic-80x80.jpg
www.grcts.com/image/cache/catalog/
3 KB
3 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Margie%20Faulk%20Pic-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
1b7fd08e7b3e31c51f4cb750385ebe4e4e4304fcfec73b3c05cd8807993f7c60

Request headers

:path
/image/cache/catalog/Margie%20Faulk%20Pic-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Fri, 22 Jun 2018 15:03:09 GMT
server
nginx
etag
"af7-56f3c5472a791"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
2807
x-proxy-cache
MISS
Elga%20Pic-80x80.jpg
www.grcts.com/image/cache/catalog/
3 KB
3 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Elga%20Pic-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
db05a666a8ba378096409d056c660e5d0485b91290541429cdbc4646a8041d88

Request headers

:path
/image/cache/catalog/Elga%20Pic-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Wed, 17 Oct 2018 21:20:47 GMT
server
nginx
etag
"c71-578733e6b49eb"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
3185
x-proxy-cache
MISS
Janette%20Frisch-80x80.jpg
www.grcts.com/image/cache/catalog/
2 KB
3 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Janette%20Frisch-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
a85a9db03f51fcd2736459e3a8f4b0a37feb396d5881ec131373a868f5c5e62f

Request headers

:path
/image/cache/catalog/Janette%20Frisch-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Mon, 12 Feb 2018 09:16:03 GMT
server
nginx
etag
"9bc-5650053bf3ac0"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
2492
x-proxy-cache
MISS
Patrick%20Haggerty-80x80.jpg
www.grcts.com/image/cache/catalog/
3 KB
3 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Patrick%20Haggerty-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
d5963ca7d49707bb5ec833b2a87658b05590f80b9c5b61f656d1a6e6fd653d87

Request headers

:path
/image/cache/catalog/Patrick%20Haggerty-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Mon, 12 Feb 2018 09:16:03 GMT
server
nginx
etag
"b84-5650053bf3ac0"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
2948
x-proxy-cache
MISS
Miles%20Hutchinson-80x80.jpg
www.grcts.com/image/cache/catalog/
2 KB
3 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Miles%20Hutchinson-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
aedb9481db1a6c9c1a3e0c1a8936bbd32d5a63950f8121770a7215696d999d1c

Request headers

:path
/image/cache/catalog/Miles%20Hutchinson-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Mon, 12 Feb 2018 09:16:03 GMT
server
nginx
etag
"9d7-5650053bf3ac0"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
2519
x-proxy-cache
MISS
Heidi%20Lee-80x80.jpg
www.grcts.com/image/cache/catalog/
2 KB
3 KB
Image
General
Full URL
https://www.grcts.com/image/cache/catalog/Heidi%20Lee-80x80.jpg
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
2f83a47c8671fb79baae9dd41ccca6558d538f1f974ecc8b7d5c04d50d81c548

Request headers

:path
/image/cache/catalog/Heidi%20Lee-80x80.jpg
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Wed, 05 Dec 2018 19:40:33 GMT
server
nginx
etag
"9d7-57c4b8e297050"
vary
User-Agent
content-type
image/jpeg
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
2519
x-proxy-cache
MISS
paypal-logo.png
grcts.com/image/
62 KB
63 KB
Image
General
Full URL
https://grcts.com/image/paypal-logo.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
0ba2e78928d42ea232778f25e2ec3d91ae16319567171988a53de5324a926b10

Request headers

:path
/image/paypal-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
last-modified
Tue, 03 Oct 2017 11:31:15 GMT
server
nginx
etag
"f924-55aa2d43506c0"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:22 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
63780
x-proxy-cache
MISS
b
www.grcts.com/owm/
755 B
755 B
Image
General
Full URL
https://www.grcts.com/owm/b?i=mgreen&lang=en
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/owm/b?i=mgreen&lang=en
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
status
200
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
set-cookie
MibewSessionID=3b59114f19e2eda510dfa02b5aa178ef; path=/owm/; secure; HttpOnly
host-header
192fc2e7e50945beb8231a492d6a8024
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
403
x-proxy-cache
MISS
chat_popup.js
www.grcts.com/owm/js/compiled/
5 KB
2 KB
Script
General
Full URL
https://www.grcts.com/owm/js/compiled/chat_popup.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
f36e35ffa89c0cdcf18c58e4497db1ca9670025960fa3e0e700131b7afdea645

Request headers

:path
/owm/js/compiled/chat_popup.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2016 18:20:06 GMT
server
nginx
etag
"13a5-539a79504e180-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
1886
x-proxy-cache
MISS
checkout.js
www.paypalobjects.com/api/
2 MB
225 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4519f02071757c2f95fe4dcd5903cd17d76aa5cadf93126367920a7b7d82f2ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2019 22:11:57 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
230062
expires
Sat, 23 Mar 2019 12:02:21 GMT
formValidation.js
www.grcts.com/catalog/view/javascript/
5 KB
1 KB
Script
General
Full URL
https://www.grcts.com/catalog/view/javascript/formValidation.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
74ac5e4e9c85ea5965755fbf8aaf6c2175d701d0c596498d0e6f049fcb767ed4

Request headers

:path
/catalog/view/javascript/formValidation.js
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Sun, 28 Oct 2018 03:30:02 GMT
server
nginx
etag
"1338-57941915e9e8b-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
1134
x-proxy-cache
MISS
merchant.js
www.paypalobjects.com/upstream/bizcomponents/js/
5 KB
2 KB
Script
General
Full URL
https://www.paypalobjects.com/upstream/bizcomponents/js/merchant.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4a0b5fad48c72b1445684e19b3998dac10ae74a940db9b7109d78dd79736e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Fri, 14 Apr 2017 02:53:53 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
1813
expires
Fri, 22 Mar 2019 13:02:21 GMT
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/grcts.com/
104 B
921 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/grcts.com/client.json
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.208.240 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
41eaef925d345b4d9f771c918bacf5b3af80079d735fb24e0220895c74eaef71

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Origin
https://www.grcts.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:23 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
D71BC3538F2D554A
x-amz-replication-status
COMPLETED
Content-Length
112
x-amz-id-2
oAXeEPs0E8FyvWFPikRmGiLPEYLsiuSkxUN71UEv/6PxkTXQdSsjHpQov36GoflzVudE7yDB7dM=
Last-Modified
Thu, 14 Mar 2019 19:34:12 GMT
Server
AmazonS3
ETag
"f4812ebf0398e3b9efc6c6551c0a9300"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
Kefl9R05Nf7Y8UVHIh8g5Ozp4Ro05R_t
Access-Control-Allow-Origin
https://www.grcts.com
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
fontawesome-webfont.woff2
www.grcts.com/catalog/view/javascript/font-awesome/fonts/
63 KB
63 KB
Font
General
Full URL
https://www.grcts.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

:path
/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
origin
https://www.grcts.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css
Origin
https://www.grcts.com

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2015 13:56:41 GMT
server
nginx
etag
"fbd0-5216fffd83840-gzip"
vary
Accept-Encoding,User-Agent
status
200
expires
Sun, 24 Mar 2019 12:02:21 GMT
cache-control
max-age=172800
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
64466
x-proxy-cache
MISS
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700
Origin
https://www.grcts.com

Response headers

date
Fri, 08 Mar 2019 20:21:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:39 GMT
server
sffe
age
1179663
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8800
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 20:21:18 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700
Origin
https://www.grcts.com

Response headers

date
Fri, 08 Mar 2019 23:23:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
1168755
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8892
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 23:23:06 GMT
blurbck.png
www.grcts.com/catalog/view/theme/default/stylesheet/img/
4 KB
5 KB
Image
General
Full URL
https://www.grcts.com/catalog/view/theme/default/stylesheet/img/blurbck.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
59ff975042a5dbf38cb11f5d4781c61eec10ddb1f4143d8b82f21ac5cfd94923

Request headers

:path
/catalog/view/theme/default/stylesheet/img/blurbck.png
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/catalog/view/theme/default/stylesheet/stylesheet.css?version=3.5.7
:scheme
https
:method
GET
Referer
https://www.grcts.com/catalog/view/theme/default/stylesheet/stylesheet.css?version=3.5.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:21 GMT
last-modified
Sun, 24 Jan 2016 18:11:50 GMT
server
nginx
etag
"10da-52a1862e04580"
vary
User-Agent
content-type
image/png
status
200
expires
Sat, 21 Mar 2020 12:02:21 GMT
cache-control
max-age=31536000
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
4314
x-proxy-cache
MISS
index.php
www.grcts.com/
46 B
363 B
XHR
General
Full URL
https://www.grcts.com/index.php?route=product/product/review&product_id=460
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
515cc55b2614a40db17c65ebc470cddb276b8806929c5da9d18ce4def29a2b63

Request headers

:path
/index.php?route=product/product/review&product_id=460
pragma
no-cache
cookie
PHPSESSID=b4aa206f8fa1dc4941d75a035677d282; language=en; currency=USD
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html, */*; q=0.01
cache-control
no-cache
:authority
www.grcts.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:method
GET
Accept
text/html, */*; q=0.01
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=utf-8
status
200
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
64
x-proxy-cache
MISS
upstream
www.paypal.com/imadserver/
32 KB
10 KB
Script
General
Full URL
https://www.paypal.com/imadserver/upstream?style=BLUWHTYIFR&dimensions=x728x90&payer_id=8HZQ8L5F6LR24&call=__PP.c155325614200856350&rand=1553256142009&format=HTML&v=2.4&vtag=3.1&page=DefaultPage&pu_type=ANONYMOUS&presentation_types=HTML&ch=UPSTREAM&locale=en_US&country_code=US
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/upstream/bizcomponents/js/merchant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3dc7d0be45b8a40f1460a2a55eab70a9640a7d0d10956fe50f03550c8a1f5908
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
146
date
Fri, 22 Mar 2019 12:02:22 GMT
server_info
imadserv:ppaas_1_2.v1.imadserv.upstream.GET&CalThreadId=66&TopLevelTxnStartTime=169a547d57c&Host=ccg23b01imadserv7937&pid=3128
x-edgeconnect-midmile-rtt
144
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
dcafe8a023e71
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-1.paypal.com
content-length
9798
pragma
no-cache
correlation-id
dcafe8a023e71
server
Apache
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
arrow-gray.png
www.grcts.com/catalog/view/theme/default/img/
2 KB
2 KB
Image
General
Full URL
https://www.grcts.com/catalog/view/theme/default/img/arrow-gray.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
e7b5ed83fcf9bac2aefaaa7b959f01e8e6841a4d7f8a09dd0ac0d327bc5e5c1a

Request headers

:path
/catalog/view/theme/default/img/arrow-gray.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/catalog/view/theme/default/stylesheet/stylesheet.css?version=3.5.7
:scheme
https
:method
GET
Referer
https://www.grcts.com/catalog/view/theme/default/stylesheet/stylesheet.css?version=3.5.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
404
date
Fri, 22 Mar 2019 12:02:22 GMT
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
1772
content-type
text/html
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
349c9eaeb1ddfca43b899f7479defefa32bb049c49f25c9ccaa6432cf0ffab95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700
Origin
https://www.grcts.com

Response headers

date
Sat, 09 Mar 2019 04:35:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:48 GMT
server
sffe
age
1149989
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9432
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 04:35:53 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105189975-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
926
date
Fri, 22 Mar 2019 11:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Fri, 22 Mar 2019 13:46:56 GMT
upstream
www.paypal.com/imadserver/
30 KB
10 KB
Script
General
Full URL
https://www.paypal.com/imadserver/upstream?style=BLUWHTYIFR&dimensions=x300x250&payer_id=8HZQ8L5F6LR24&call=__PP.c1553256142102512730&rand=1553256142102&format=HTML&v=2.4&vtag=3.1&page=DefaultPage&pu_type=ANONYMOUS&presentation_types=HTML&ch=UPSTREAM&locale=en_US&country_code=US
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/upstream/bizcomponents/js/merchant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9254ff55670c5487d4b0eb97c4d096e66ac417711b46e7632286a8263138a8b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
199
date
Fri, 22 Mar 2019 12:02:22 GMT
server_info
imadserv:ppaas_1_2.v1.imadserv.upstream.GET&CalThreadId=60&TopLevelTxnStartTime=169a547d5e5&Host=dcg01imadserv9209&pid=3108
x-edgeconnect-midmile-rtt
148
status
200
http_x_pp_az_locator
dcg01.phx
paypal-debug-id
2598f0ba372bc
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-1.paypal.com
content-length
9417
pragma
no-cache
correlation-id
2598f0ba372bc
server
Apache
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
popup
www.grcts.com/owm/chat/style/
755 B
770 B
Script
General
Full URL
https://www.grcts.com/owm/chat/style/popup
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/owm/js/compiled/chat_popup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.138.160 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-77-104-138-160.siteground.com
Software
nginx /
Resource Hash
c21a5dec9d2f3f4d2f72416db946729f545ad60442057b3b825d095a4205ff6b

Request headers

:path
/owm/chat/style/popup
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grcts.com
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
:scheme
https
:method
GET
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
server
nginx
host-header
192fc2e7e50945beb8231a492d6a8024
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
status
200
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
set-cookie
MibewSessionID=b178babb6de1937bbc87a7c55eb6f1aa; path=/owm/; secure; HttpOnly
accept-ranges
bytes
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
403
x-proxy-cache
MISS
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.grcts.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.grcts.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/
199 KB
74 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5673337b9074bd3869f91978cc06b3f25ce40b075610f577018381721ee1fbca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
75808
x-xss-protection
1; mode=block
server
cafe
etag
4574056133815350220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Mar 2019 12:02:22 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/ Frame D9BC
199 KB
74 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5673337b9074bd3869f91978cc06b3f25ce40b075610f577018381721ee1fbca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
75808
x-xss-protection
1; mode=block
server
cafe
etag
4574056133815350220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Mar 2019 12:02:22 GMT
ca-pub-1708566510127945.js
pagead2.googlesyndication.com/pub-config/r20160913/
68 B
179 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1708566510127945.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
88
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 00:02:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/ Frame 9767
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190320/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Mar 2019 13:05:21 GMT
expires
Wed, 03 Apr 2019 13:05:21 GMT
content-type
text/html; charset=UTF-8
etag
4425972840952340538
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6619
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
169021
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=284534105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%3FSF&ul=en-us&de=UTF-8&dt=Detailing%20Transportatio...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_gid=1568265706.1553256142&gjid=791033818&_v=j73&z=1567495260
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_v=j73&z=1567495260
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_v=j73&z=1567495260&slf_rd=1&random=3071194292
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_v=j73&z=1567495260&slf_rd=1&random=3071194292
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4016:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2019 12:02:22 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Mar 2019 12:02:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105189975-1&cid=1631152077.1553256142&jid=1388265770&_v=j73&z=1567495260&slf_rd=1&random=3071194292
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E33D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1708566510127945&output=html&adk=1812271804&adf=3025194257&lmt=1553256142&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%3FSF&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1553256142126&bpp=30&bdt=610&fdt=100&idt=99&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6915143433800&frm=20&pv=2&ga_vid=1631152077.1553256142&ga_sid=1553256142&ga_hid=284534105&ga_fc=0&iag=0&icsg=35201550957068&dssz=31&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=2285879327&ifi=0&uci=0.5o4xmkpxt4rn&fsb=1&dtd=115
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1708566510127945&output=html&adk=1812271804&adf=3025194257&lmt=1553256142&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%3FSF&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1553256142126&bpp=30&bdt=610&fdt=100&idt=99&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6915143433800&frm=20&pv=2&ga_vid=1631152077.1553256142&ga_sid=1553256142&ga_hid=284534105&ga_fc=0&iag=0&icsg=35201550957068&dssz=31&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=2285879327&ifi=0&uci=0.5o4xmkpxt4rn&fsb=1&dtd=115
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 22 Mar 2019 12:02:22 GMT
server
cafe
content-length
46
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Fri, 22-Mar-2019 12:17:22 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Fri, 22 Mar 2019 12:02:22 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1349d35cb629a932fe00785c3f6ac9454ec4c5cf3b1edcf25b8749ad36ba253a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1553103581034000"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27762
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2019 12:02:22 GMT
pptm.js
www.paypal.com/tagmanager/
0
2 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.grcts.com&source=checkoutjs&t=xo&v=4.0.263
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qOztLZAC7Kko4JZ2FPSWC0J+Ne9FG+p9nHTvi2kkKCKiMSo5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
291
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qOztLZAC7Kko4JZ2FPSWC0J+Ne9FG+p9nHTvi2kkKCKiMSo5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
e50a65946a5ee, e50a65946a5ee
strict-transport-security
max-age=63072000
dc
phx-origin-www-2.paypal.com
content-length
26
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache
x-frame-options
SAMEORIGIN
date
Fri, 22 Mar 2019 12:02:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=900, max-age=0, no-cache, no-store, must-revalidate
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
926
date
Fri, 22 Mar 2019 11:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Fri, 22 Mar 2019 13:46:56 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=284534105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%3FSF&ul=en-us&de=UTF-8&dt=Detailing%20Transportation%20Fringe%20Benefits%20-%20HRCI%20%26%20SHRM%20Accredited&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAUAB~&jid=1019211338&gjid=411285311&cid=1631152077.1553256142&tid=UA-72660696-1&_gid=1568265706.1553256142&_r=1&z=306518599
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2019 12:02:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
livechat2.aspx
s7.mylivechat.com/livechat2/
Redirect Chain
  • https://mylivechat.com/chatinline.aspx?hccid=58874850
  • https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline
9 KB
4 KB
Script
General
Full URL
https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
74.86.208.241 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f1.d0.564a.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e75452d9e0c52b2e23fe5e8448de53fae01979a6c73e8ac2ac5355cff7611629

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Mar 2019 12:02:21 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Length
3668
Expires
-1

Redirect headers

Date
Fri, 22 Mar 2019 12:02:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Access-Control-Allow-Origin
*
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline
Cache-Control
private
Content-Length
205
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-515eeaf54693130e/
166 B
387 B
Script
General
Full URL
https://m.addthisedge.com/live/boost/ra-515eeaf54693130e/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-23-104-167.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
surrogate-key
ra-515eeaf54693130e
server
Jetty(9.4.8.v20180619)
etag
659743217
cache-tag
ra-515eeaf54693130e
status
200
cache-control
public, max-age=54, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
166
logger
www.paypal.com/xoplatform/logger/api/
0
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://www.grcts.com
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with

Response headers

x-edgeconnect-origin-mex-latency
78
date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
145
x-powered-by
Express
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
dcg11.slc
paypal-debug-id
adb5196a88ad8, adb5196a88ad8
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-1.paypal.com
content-length
26
pragma
no-cache
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/html
access-control-allow-origin
https://www.grcts.com
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-headers
content-type,x-app-name,x-requested-with
ppc_wh_pri.svg
www.paypalobjects.com/digitalassets/c/website/logo/full-text/ Frame 7F1D
5 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/ppc_wh_pri.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c56e097f3bccbfd5e76fbf8ba03422a8f68e4f068833211283f83e45b1cdefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Feb 2019 18:30:17 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
image/svg+xml
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1813
expires
Sun, 21 Apr 2019 12:02:22 GMT
/
www.paypal.com/webapps/mch/cmd/ Frame 7F1D
0
762 B
Image
General
Full URL
https://www.paypal.com/webapps/mch/cmd/?v=3.0&t=1553256142&fdata=JA0MW3MRDg8dTVxBHENeX0g6PwMhbFZzR3BxXH8nAw1QX3ZpYQp7cxdaAGgCPBkjECk3KwJlJiMtOSM3CwUDCwMwdC4gNw83Gj0ZDj4tTBkBDiNlbwBwLU1Xc1s5CXYzATc8NAZ2IDk0MT87aCEkJClzKgs1bF5kEyctCy11W19dXnNoaQR4ZURXZR4yCSICbFNYUHEHSxIJHAQUEERaXl1zP1d2f15kAjp0Xmx9WVtYUXZsahQtIUkkGXEUJh85GCk4NAZkPi82PksAXxAeDwA0PQMqPzE2DzksUhEcJyVLEyAqMVZ1YUBeZg53BSASNhYNFypTUAdMRFoUGEIIW1hseQsmMFxyF399XjouWg8LA3M8PQF5cwcUPFxsDHwCMlJQAnoaVAVPRUBEGRYLRwxtcQtoZ1txQC8rC2wqXApbQSQ5NFR1MUMDNg5pDHJLaAdeU24DWQUfXQ9IFRRAXFtmfwwnNVsgQCp.STQjHg4fAiExPA8pYEBQMQ1mDXpQaFQJBSIFXQdPRFwTS0ULDAphLQ92YEg0BT0gC2QsWF9aBCFuaB94ZkIFeAxoDH9LMwALU24BXAMcFAkSGxEMCFtzPxkxIwcmS3soXzh8CwhVSiJhbQBlYRIDZBUwWygFfAcLX3cCVQVAE1wUHlMdHww8LVd9GTQTTgV8KW8EOFtZQTU9PlssaExWZAFpWw&cks=OTk4MjU1YTEyOGYzYzE1NmQ0MTUxNDJkNWUxYjFlZDA&e=1.0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
80
date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-edgeconnect-midmile-rtt
147
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
bbe5148187603
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-1.paypal.com
content-length
26
server_info
personalizationtrkserv:ppaas_1_2.ptrk.GET&CalThreadId=81&TopLevelTxnStartTime=169a547d706&Host=ccg23b01personalizationtrkserv6984&pid=3090
pragma
no-cache
correlation-id
bbe5148187603
server
Apache
vary
Accept-Encoding
content-type
text/html
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
PayPalSansSmall-Light.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 7F1D
36 KB
36 KB
Font
General
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Light.woff2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e085866d187704eb7574395c3bf4ae78dfdc8f189816d2081b9495fd4a12787f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/
Origin
https://www.grcts.com

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jun 2016 16:50:06 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/font-woff2
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2019 12:02:22 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 7F1D
36 KB
37 KB
Font
General
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/
Origin
https://www.grcts.com

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jun 2016 16:50:06 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/font-woff2
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2019 12:02:22 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
266793de59843ad9dfe7e9dde87d0bd59d7ee61a869ed692125078bf07e6ac7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2/GjbAR9X6jZQ7L/ivZEtA==
status
200
date
Fri, 22 Mar 2019 12:02:22 GMT
vary
Accept-Encoding
content-length
1776
x-fb-debug
dGrAn1N7qNyFISyMFcQM5JHo4GTUD+p83V4B8vSxgWelqrKWnLvouq3zbUPzeC9K1DY8nRLyLb5lswtJzN1SWg==
x-fb-content-md5
07a1d357c1b175f12ac3f0d8c6abca14
etag
"75e733d7856c5fc6907420c6a14f8721"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Mar 2019 12:16:49 GMT
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418E) /
Resource Hash
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
Server
ECS (fcn/418E)
Etag
"4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28028
counter.79e34366aa75ecdf109a.js
s7.addthis.com/static/
23 KB
8 KB
Script
General
Full URL
https://s7.addthis.com/static/counter.79e34366aa75ecdf109a.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-23-104-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c38ae8e86afa43d4192adf8b88d4ca770ca6deebab4fec9797a5495778bc0fb8

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
last-modified
Thu, 28 Feb 2019 14:32:50 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
7978
shares.json
api-public.addthis.com/url/
72 B
319 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits&callback=_ate.cbs.sc_httpswwwgrctscomtransportationfringebenefits0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
120283048dc92e69ab98fb048633bb96065c96866fa7472ce13c90ac93404294

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
surrogate-key
www.grcts.com/transportation-fringe-benefits
last-modified
Fri, 22 Mar 2019 12:02:22 GMT
vary
Accept-Encoding
x-varnish
2922498523
status
200
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges
bytes
content-type
application/json
content-length
88
widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 8E1C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.grcts.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DF) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Mar 2019 12:02:22 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DF)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
button.dd024c345fc26f7c7a8d9938b67e5d3d.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.dd024c345fc26f7c7a8d9938b67e5d3d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D9) /
Resource Hash
bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:15 GMT
Server
ECS (fcn/40D9)
Etag
"481d209bbcd2464884d57a77bc64e947+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
2293
sdk.js
connect.facebook.net/en_US/
192 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=06b109270d1bdb6faa28379e517ef37d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5d69d0364c9fa1efd3c239e591f03e1140164a83970f78e441c6f10b9f7b1543
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Origin
https://www.grcts.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vicNWXm3woHa2Mw6ryZCBg==
status
200
date
Fri, 22 Mar 2019 12:02:22 GMT
vary
Accept-Encoding
content-length
58685
x-fb-debug
Y4PXuSTIaKT6rHRylfH0SS14lkeh6UAF3h1fhOJgI1/KRg9BaHVdRuNP6fkPzZAfXQthhM5MOuv2/CVj9C8SbA==
x-fb-content-md5
c27dfb4fa6052c9794c3db2e0e786880
etag
"1269586491d2a04c00844c798c5e9a49"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 21 Mar 2020 11:07:34 GMT
tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
platform.twitter.com/widgets/ Frame F8CB
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AC) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Mar 2019 12:02:22 GMT
Etag
"8dadfe02e828fc4a9d61e33bdd1df329+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41AC)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12257
ppc_wh_pri.svg
www.paypalobjects.com/digitalassets/c/website/logo/full-text/ Frame 8C92
5 KB
0
Image
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/ppc_wh_pri.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c56e097f3bccbfd5e76fbf8ba03422a8f68e4f068833211283f83e45b1cdefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Feb 2019 18:30:17 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1813
expires
Sun, 21 Apr 2019 12:02:22 GMT
/
www.paypal.com/webapps/mch/cmd/ Frame 8C92
0
760 B
Image
General
Full URL
https://www.paypal.com/webapps/mch/cmd/?v=3.0&t=1553256142&fdata=JA0MW3MRDg8dTVxBHENeX0g6PwMhbFZzR3BxXH8nAw1QX3ZpYQp7cxdaAGgCPBkjECk3KwJlJiMtOSM3CwUDCwMwdC4gNw83Gj0ZDj4tTBkBDiNlawJ4LUZSZR4yACpbBDQ7MhFyLCsmPSwiZjA5IyASbwkkIVNyUCwnCz08V1hbV35saAN-ZURXZQh3CyoPNVlfVnUGW0ANAAEZSUhcXVhtbxx4YkByUD06Umh9X1pfUnFpbABuMABaFnQYLQUyDi0lNhFyPjUwPyNWXQcIGQs7KB4sPgAdAjA5CmQAPiQhQTM.KlssaEBTbAtnTiYNJQMaAzJeCVsYRVlHSUAIU19jcFokMl4hEistXG8uDFkLASFtPQd.YVIUJlE1VS9QYwVaUyYFQFRBQF9dGUILWENsKFlxfFtxFXosDTwrXVBdX2E7OV4uaBBRZ1ljXS5UfFZQVnEaWVEfQkBJTEZZR1tmKlkgMwshQXB5V38lAR0KFSI-MVZ1NEFTYlxkDXJXZ11YByAHDgIbFF5GSxNdDAgzfA9wZlpkADo9Bj11WlFbA386PQRlMUVXYBVlCnhffAZYXiIaXlRKElhFFUJVC1ozbxw2JRwrEnQvDmt5DAhZBGo9bQJ.eEBRN118Cn8CaElZAHQBXAAcRVwRH0xLGhs3IA54aSYYJ3EFWh9-JjtfU2EqPVQhMUlfZAloUHg&cks=YWUzNzEzY2JkMjhjMGNmYzE2NmE3OWM3MzhhNjcxNzk&e=1.0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
107
date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-edgeconnect-midmile-rtt
147
status
200
http_x_pp_az_locator
dcg01.phx
paypal-debug-id
e613d2eb9f9f5
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-1.paypal.com
content-length
26
server_info
personalizationtrkserv:ppaas_1_2.ptrk.GET&CalThreadId=76&TopLevelTxnStartTime=169a547d781&Host=dcg01personalizationtrkserv2438&pid=3095
pragma
no-cache
correlation-id
e613d2eb9f9f5
server
Apache
vary
Accept-Encoding
content-type
text/html
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
PayPalSansSmall-Light.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 8C92
36 KB
36 KB
Font
General
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Light.woff2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e085866d187704eb7574395c3bf4ae78dfdc8f189816d2081b9495fd4a12787f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/
Origin
https://www.grcts.com

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jun 2016 16:50:06 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/font-woff2
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2019 12:02:22 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 8C92
36 KB
37 KB
Font
General
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/
Origin
https://www.grcts.com

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jun 2016 16:50:06 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/font-woff2
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2019 12:02:22 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1EBD
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=06b109270d1bdb6faa28379e517ef37d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Fri, 20 Mar 2020 22:21:54 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
opUC9JLEemBkRLGrNOy2WgMdLbvk+/th0Ni7jUdxdSOHmDGzMGaYGWuWCFPB8JYLDK+mY+5IUuz9cuC3cd8XOg==
content-length
11007
date
Fri, 22 Mar 2019 12:02:22 GMT
pptm.js
www.paypal.com/tagmanager/
0
2 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?client_id=AZDxjDScFpQtjWTOUtWKbyN_bDt4OgqaF4eYXlewfBP4-8aqX3PiV8e1GWU6liB2CUXlkA59kJXE7M6R&id=www.grcts.com&source=checkoutjs&t=xo&v=4.0.263
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-y3H9nCEp5+ygQaS5jC7Nrmj927BVcqLUH+9apTITG+UCeJnO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
556
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-y3H9nCEp5+ygQaS5jC7Nrmj927BVcqLUH+9apTITG+UCeJnO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
b15bcdd5c285a, b15bcdd5c285a
strict-transport-security
max-age=63072000
dc
phx-origin-www-2.paypal.com
content-length
26
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache
x-frame-options
SAMEORIGIN
date
Fri, 22 Mar 2019 12:02:23 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=900, max-age=0, no-cache, no-store, must-revalidate
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
jot
syndication.twitter.com/i/
43 B
120 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1553256142687%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c1f189f%3A1551939852453%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
102
pragma
no-cache
last-modified
Fri, 22 Mar 2019 12:02:22 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1f705f89dea3c6a53d1937bc86166e0e
x-transaction
007ed56300e8ce3f
expires
Tue, 31 Mar 1981 05:00:00 GMT
logger
www.paypal.com/xoplatform/logger/api/
0
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Origin
https://www.grcts.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
142
date
Fri, 22 Mar 2019 12:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
147
x-powered-by
Express
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
a7d6f6e8c8f45, a7d6f6e8c8f45
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
26
pragma
no-cache
server
Apache
strict-transport-security
max-age=63072000
content-type
text/html
access-control-allow-origin
https://www.grcts.com
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
truncated
/
171 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6

Request headers

Response headers

Content-Type
image/png
truncated
/
937 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234

Request headers

Response headers

Content-Type
image/png
/
www.paypal.com/webapps/mch/cmd/
0
755 B
Image
General
Full URL
https://www.paypal.com/webapps/mch/cmd/?v=3.0&t=1553256142&fdata=JA0MW3MRDg8dTVxBHENeX0g6PwMhbFZzR3BxXH8nAw1QX3ZpYQp7cxdaAGgCPBkjECk3KwJlJiMtOSM3CwUDCwMwdC4gNw83Gj0ZDj4tTBkBDiNlbwBwLU1Xc1s5CXYzATc8NAZ2IDk0MT87aCEkJClzKgs1bF5kEyctCy11W19dXnNoaQR4ZURXZR4yCSICbFNYUHEHSxIJHAQUEERaXl1zP1d2f15kAjp0Xmx9WVtYUXZsahQtIUkkGXESI20WIwEbAy1WGQ8WHjIEVAUIVyYBBCZjJQkwHy10W21xWV9LCiwsP0AtJB0DaFlkXHwCZFMNV3UOXQcaEV9ATENZWw0zeQwjNVomE3p4SSo7Aw1QA3A8OwRwMU1KbFtnXWZSZQcOSyEPVQdURlhDGxMPDls3fwlzdw0jGi90C24sCV9VA351YVF-YFlTYVs3RSleaQVFUHYEWwAbFFgSGxZbTAM-PQ03NAgrEnQoWm1.DlxaAnZuYQIpNhVVZVlnXHoFN1QOACcDCQNKQUsGXgEEDlMxe1xyMgh0RmR5XG8qR11UA3N1OlYrYFlRZF00DC8EZwAJBHYRGxUNAgQUEEcMWg9hKAt9fAt7Q3tkWz8sW0QMVCQ7dVErbEBSbVtoC3oCYkIYEyFeCVtBODchFTlYLFgZG1hxdxwnECAtUmF5W1BVVGEsP0Z1PQATJR1iKW5UF0FaIDRAGkgJERQATBlDCQE4bFgDIR4hGignCzw6&cks=N2E0MWYwY2RlODNlZjljNDcxNjZiZjE3NGQ4YzAwNmU&e=1.0&landing_url=https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=AU826TU8&content=/bmlweb/ppwpsiw.html&bdata=et%3DCLIENT_IMPRESSION%26event_type%3Dstats%26pos_x%3D273.65625%26pos_y%3D337%26browser_width%3D1600%26browser_height%3D1200%26visible%3Dtrue%26amount%3D%26adblock%3Dfalse%26blocked%3Dfalse%26uuid%3D8e11d5d8-c4a7-5aeb-b6bd-d64733fe8101
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
35
date
Fri, 22 Mar 2019 12:02:23 GMT
content-encoding
gzip
x-edgeconnect-midmile-rtt
142
status
200
http_x_pp_az_locator
dcg01.phx
paypal-debug-id
9c83b831d8f3
strict-transport-security
max-age=63072000
dc
phx-origin-www-2.paypal.com
content-length
26
server_info
personalizationtrkserv:ppaas_1_2.ptrk.GET&CalThreadId=71&TopLevelTxnStartTime=169a547d8e1&Host=dcg01personalizationtrkserv8176&pid=3090
pragma
no-cache
correlation-id
9c83b831d8f3
server
Apache
vary
Accept-Encoding
content-type
text/html
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
/
www.paypal.com/webapps/mch/cmd/
0
759 B
Image
General
Full URL
https://www.paypal.com/webapps/mch/cmd/?v=3.0&t=1553256142&fdata=JA0MW3MRDg8dTVxBHENeX0g6PwMhbFZzR3BxXH8nAw1QX3ZpYQp7cxdaAGgCPBkjECk3KwJlJiMtOSM3CwUDCwMwdC4gNw83Gj0ZDj4tTBkBDiNlawJ4LUZSZR4yACpbBDQ7MhFyLCsmPSwiZjA5IyASbwkkIVNyUCwnCz08V1hbV35saAN-ZURXZQh3CyoPNVlfVnUGW0ANAAEZSUhcXVhtbxx4YkByUD06Umh9X1pfUnFpbABuMABaFnQYKwBAIRYNFSZZDBIQHwMvWQwdD1MdHScJdxolBCAtUm18U1pbQSozLFU6MAUOMQUwXX9RNVENX3IBVFYYE10TSRcJWVgzL1ojNwh3E3x-W387GQAJWiNualN6YBFVeAppWHlLZVMOVG4ODFVNXVhDTkYICAs2flN1aUghFyUvUj1-WAhfUiJqdQBwZUZKYQ83WmZfMFdcS3YEDlUcEggTGkxdUkg4Ih4iIwskHy10Dmx8XQ1YAn5pbgt4NBdXNlwzDHhQNwJYACVRWANMR1lWWwYZAwpoeVJzNVYgE39kC2h4X0RZBXRhdVB4bRVKZgpiCn5TaVNQB3dRSxAKBB8ZSUgLC1xkLwtxMkMnQ3l-Qm1-CAxABXM8YR95M0NRZF40XXoHY11OFjZVBAJESCUqfE0hXyhjBTh3ZUgwEy8gC2RwW1hUX3R-LFU8aBwTIUh0WwpDYyJNVAVAGhFXAAwJXRQBRA06JE93Fx4yFSUoAT0tGA&cks=YmQ0NzE2Nzk2ZDFhMWI0ODNiNzE0MzYwZTkyNmE4Yzg&e=1.0&landing_url=https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=AU826TU8&content=/bmlweb/ppwpsiw.html&bdata=et%3DCLIENT_IMPRESSION%26event_type%3Dstats%26pos_x%3D543.328125%26pos_y%3D5820%26browser_width%3D1600%26browser_height%3D1200%26visible%3Dfalse%26amount%3D%26adblock%3Dfalse%26blocked%3Dfalse%26uuid%3D66bfac23-ecad-5ac0-92ce-219e12848206
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
43
date
Fri, 22 Mar 2019 12:02:23 GMT
content-encoding
gzip
x-edgeconnect-midmile-rtt
138
status
200
http_x_pp_az_locator
dcg01.phx
paypal-debug-id
f9ddec4c2f237
strict-transport-security
max-age=63072000
dc
phx-origin-www-2.paypal.com
content-length
26
server_info
personalizationtrkserv:ppaas_1_2.ptrk.GET&CalThreadId=57&TopLevelTxnStartTime=169a547d968&Host=dcg01personalizationtrkserv9326&pid=3091
pragma
no-cache
correlation-id
f9ddec4c2f237
server
Apache
vary
Accept-Encoding
content-type
text/html
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
chatinline.css
s7.mylivechat.com/livechat2/
5 KB
2 KB
Stylesheet
General
Full URL
https://s7.mylivechat.com/livechat2/chatinline.css
Requested by
Host: s7.mylivechat.com
URL: https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
74.86.208.241 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f1.d0.564a.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
28f2985c4fa7ab576d6278186d22db973202c61b41f5d5a6e1e58eaa3a87369e

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Oct 2018 15:36:51 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"802b858c786cd41:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
1234
resources2.aspx
s7.mylivechat.com/livechat2/
107 KB
41 KB
Script
General
Full URL
https://s7.mylivechat.com/livechat2/resources2.aspx?HCCID=58874850&culture=en-US&mlcv=3006&template=3
Requested by
Host: s7.mylivechat.com
URL: https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
74.86.208.241 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f1.d0.564a.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
89b98d89fd255ec5b7281b04d3a45be037e272c28014fd58c0aa35d66af5044a

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 05:00:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
ETag
"tJjnltJoXQjDQ0v/OUnRxHSJ/bibMyGqtZQxTLbIZrE="
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Content-Length
41037
Expires
Sat, 21 Mar 2020 12:02:22 GMT
livechatinit2.js
s7.mylivechat.com/livechat2/script/
62 KB
17 KB
Script
General
Full URL
https://s7.mylivechat.com/livechat2/script/livechatinit2.js
Requested by
Host: s7.mylivechat.com
URL: https://s7.mylivechat.com/livechat2/livechat2.aspx?hccid=58874850&apimode=chatinline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
74.86.208.241 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f1.d0.564a.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7ee0df9347eb23af3c9d058f9339cb4461feb0da35a50a1ac929999c11efed89

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 18:43:28 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"08915283d3d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
16715
inpage_3_head.png
s7.mylivechat.com/livechat2/template/images/
423 B
734 B
Image
General
Full URL
https://s7.mylivechat.com/livechat2/template/images/inpage_3_head.png
Requested by
Host: s7.mylivechat.com
URL: https://s7.mylivechat.com/livechat2/resources2.aspx?HCCID=58874850&culture=en-US&mlcv=3006&template=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
74.86.208.241 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f1.d0.564a.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f1108913bca82007e60c5311fc508a9be3561de27053e46a64f98bc27037e2e6

Request headers

Referer
https://www.grcts.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:21 GMT
ETag
"3fd3bdf0156ed31:0"
Last-Modified
Tue, 05 Dec 2017 22:11:03 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
423
InlineChatRoundOffline_18.png
s7.mylivechat.com/Customization/Template/
332 B
643 B
Image
General
Full URL
https://s7.mylivechat.com/Customization/Template/InlineChatRoundOffline_18.png
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
74.86.208.241 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f1.d0.564a.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a6deebe8c28de9966fffb7f00e01f54468f0fb65e79ccdac3829719c0c9b8ed9

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 12:02:21 GMT
ETag
"e4f78dfe1c6ed31:0"
Last-Modified
Tue, 05 Dec 2017 23:01:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
332
ni
www.paypal.com/ppcredit/modal/
16 KB
7 KB
XHR
General
Full URL
https://www.paypal.com/ppcredit/modal/ni?mid=8HZQ8L5F6LR24
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64d3fad157d902dd208c192c5645921123ddafa0e61ec8a9bbdfcbcf93ff55fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-PJhgtiXuWTlKu3Q54zGZEEq2qEtDcsHqepChE7Cjp+yydCRI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Origin
https://www.grcts.com

Response headers

x-edgeconnect-origin-mex-latency
124
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-PJhgtiXuWTlKu3Q54zGZEEq2qEtDcsHqepChE7Cjp+yydCRI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
145
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
paypal-debug-id
b382a08d7b9db, b382a08d7b9db
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4838
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache
x-frame-options
SAMEORIGIN
date
Fri, 22 Mar 2019 12:02:24 GMT
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
etag
W/"4002-1tvHUqPLoxRXd+HJRTCPX7OMrDI"
access-control-allow-headers
Origin,X-Requested-With
ni
www.paypal.com/ppcredit/modal/
16 KB
7 KB
XHR
General
Full URL
https://www.paypal.com/ppcredit/modal/ni?mid=8HZQ8L5F6LR24
Requested by
Host: www.grcts.com
URL: https://www.grcts.com/Transportation-Fringe-Benefits?SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64d3fad157d902dd208c192c5645921123ddafa0e61ec8a9bbdfcbcf93ff55fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-AO7EFFXTaiLdw27FwPhBtHgDBBJcjqW1j/dUqQSTxXqLplTo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Origin
https://www.grcts.com

Response headers

x-edgeconnect-origin-mex-latency
143
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-AO7EFFXTaiLdw27FwPhBtHgDBBJcjqW1j/dUqQSTxXqLplTo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
151
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
paypal-debug-id
9fb78c5f7ec75, 9fb78c5f7ec75
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4838
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache
x-frame-options
SAMEORIGIN
date
Fri, 22 Mar 2019 12:02:24 GMT
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
etag
W/"4002-1tvHUqPLoxRXd+HJRTCPX7OMrDI"
access-control-allow-headers
Origin,X-Requested-With
like.php
www.facebook.com/v2.6/plugins/ Frame 46F8
0
0
Document
General
Full URL
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df22080ed8f27e78%26domain%3Dwww.grcts.com%26origin%3Dhttps%253A%252F%252Fwww.grcts.com%252Ff1d77a3329b02a%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=06b109270d1bdb6faa28379e517ef37d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df22080ed8f27e78%26domain%3Dwww.grcts.com%26origin%3Dhttps%253A%252F%252Fwww.grcts.com%252Ff1d77a3329b02a%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.grcts.com%2FTransportation-Fringe-Benefits&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version
v2.8
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
5Upb+6gjtPuOFgRwRSMbTvE65CujC6M3a+d3/wGLDBk+u1SStFuF2II+7smmcnWLhoLD5TvEq9yokvALG5gQrQ==
date
Fri, 22 Mar 2019 12:02:24 GMT
logger
www.paypal.com/xoplatform/logger/api/
0
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://www.grcts.com
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with

Response headers

x-edgeconnect-origin-mex-latency
97
date
Fri, 22 Mar 2019 12:02:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
151
x-powered-by
Express
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
6acf401282cf7, 6acf401282cf7
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-1.paypal.com
content-length
26
pragma
no-cache
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/html
access-control-allow-origin
https://www.grcts.com
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-headers
content-type,x-app-name,x-requested-with
logger
www.paypal.com/xoplatform/logger/api/
0
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
Origin
https://www.grcts.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
82
date
Fri, 22 Mar 2019 12:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
147
x-powered-by
Express
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
paypal-debug-id
cb14c07bd72cb, cb14c07bd72cb
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
26
pragma
no-cache
server
Apache
strict-transport-security
max-age=63072000
content-type
text/html
access-control-allow-origin
https://www.grcts.com
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
xhr-ads.min.js
www.paypalobjects.com/web/res/4f2/254d5e59a340c945245ca83c45305/js/ Frame 3B95
21 KB
6 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/4f2/254d5e59a340c945245ca83c45305/js/xhr-ads.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:24 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
6222
last-modified
Wed, 06 Mar 2019 05:24:11 GMT
server
Apache
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Jun 2019 12:02:24 GMT
pp-logo-banner-modal.svg
www.paypalobjects.com/upstream/assets/img/ Frame 3B95
4 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/upstream/assets/img/pp-logo-banner-modal.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d32937bfdcbaa57da591fed1406b583d64cbe0b4aec235ce90fd9414e1dda2a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Oct 2018 18:49:45 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
image/svg+xml
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1584
expires
Sun, 21 Apr 2019 12:02:24 GMT
xhr-ads.min.js
www.paypalobjects.com/web/res/4f2/254d5e59a340c945245ca83c45305/js/ Frame EFB1
21 KB
6 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/4f2/254d5e59a340c945245ca83c45305/js/xhr-ads.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:24 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
6222
last-modified
Wed, 06 Mar 2019 05:24:11 GMT
server
Apache
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Jun 2019 12:02:24 GMT
pp-logo-banner-modal.svg
www.paypalobjects.com/upstream/assets/img/ Frame EFB1
4 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/upstream/assets/img/pp-logo-banner-modal.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d32937bfdcbaa57da591fed1406b583d64cbe0b4aec235ce90fd9414e1dda2a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grcts.com/Transportation-Fringe-Benefits?SF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 12:02:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Oct 2018 18:49:45 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
image/svg+xml
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1584
expires
Sun, 21 Apr 2019 12:02:24 GMT

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| getURLVar object| cart object| voucher object| wishlist object| compare object| $acdata object| $acclick function| moment function| gtag object| dataLayer object| adsbygoogle object| MfeSecure number| MfeSecure_done function| jQueryMs function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| refer_show function| div_hide object| google_tag_manager object| __PP string| GoogleAnalyticsObject function| ga object| Mibew object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| __paypal_storage__ object| paypal object| PAYPAL object| ppxo function| add_chatinline object| addthis_share object| addthis_config function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| globals string| passthrough function| __orig__fbAsyncInit function| fbAsyncInit object| __twttrll object| twttr object| __twttr object| FB object| oattr string| mlcp function| MyLiveChat_AddScript function| MyLiveChat_GetLastScriptTag function| MyLiveChat_ImportCss function| MyLiveChat_DocWrite object| MyLiveChat object| MyLiveChat_Lib object| MyLiveChat_WrapperBase function| MyLiveChat_WrapperBaseConstructor function| MyLiveChat_CreateWrapper function| MyLiveChat_BuildWrapper function| MyLiveChat_SetBaseCss function| MyLiveChat_DefineStyle function| MyLiveChat_RunStyle function| MyLiveChat_ApplyStyle object| MyLiveChat_InitCss2Handlers function| MyLiveChat_InitCss2 function| MLCUI_FireOAuthStart function| MLCUI_GetOAuthUrlBase function| MLCUI_TryLogoutOAuth function| MLCUI_TryGetOAuth function| MLCUI_ShowOAuth function| MLCUI_ImplOAuth function| MLCUI_CreateCustomFields function| MyLiveChat_SetupButtonMode function| MLCUI_InlineHelper function| MyLiveChat_CreateDialogPanel function| MyLiveChat_CreateMainPanel function| MyLiveChat_CreateInlinePanel function| MyLiveChat_InitOnce function| MyLiveChat_CalcImagePath function| MyLiveChat_CalcCustomUrl function| MyLiveChat_InitOnceInline function| MyLiveChat_InitOnceFinal function| MyLiveChat_IsDuringOperatingHours function| MyLiveChat_InitStorate function| MyLiveChat_LoadUserDataBehavior function| MyLiveChat_SupportLocalData function| MyLiveChat_GetCookie function| MyLiveChat_SetCookie function| MyLiveChat_GetLocalData function| MyLiveChat_SetLocalData function| MyLiveChat_InitID function| MyLiveChat_SyncToCPR function| MyLiveChat_PatternMatch function| MyLiveChat_HtmlEncode function| MyLiveChat_InvokeEvent function| MyLiveChat_PlaySound function| MyLiveChat_DelayRequest function| MyLiveChat_SetNextReqTimeout function| MyLiveChat_NextRequest function| MyLiveChat_SyncFromCPR function| MyLiveChat_CPRDecode function| MyLiveChat_CPREncode function| MyLiveChat_GetSourceUrl function| MyLiveChat_GetReferrer function| MyLiveChat_AppendToUrl function| MyLiveChat_ChangeUrl function| MyLiveChat_GetDialogUrl function| MyLiveChat_IsUseInlineChat function| MyLiveChat_OpenDialog function| MyLiveChat_UpdateWidgetInline function| MyLiveChat_ShowChatWidget function| MyLiveChat_ForEachElement function| MyLiveChat_WriteOrSetHTML function| MyLiveChat_Initialize function| MyLiveChat_RunLoadingHandler function| MyLiveChat_AddCustomData function| MergeCustomData function| ConvertToJson function| MyLiveChat_InlineTriggerMatch function| MyLiveChat_FilterStringMatch function| MyLiveChat_InlineTriggerNewMatch function| MyLiveChat_MatchNewTriggers function| MyLiveChat_MatchServerTriggers function| MyLiveChat_TryServerInvitation function| MyLiveChat_OnServerInvitation function| MyLiveChat_RestoreServerInvite function| MyLiveChat_StartServerInvitation function| MyLiveChat_InlineChatInit function| mlcwidget_findelements function| mlcwidget_calcpoint function| mlcwidget_calcbodypoint function| mlcwidget_nextposition function| MyLiveChat_CalcBodyPoint function| MyLiveChat_CalcPoint function| MyLiveChat_MovePoint function| MyLiveChat_SetUserName function| MyLiveChat_SetEmail function| MyLiveChat_SetDepartment function| MyLiveChat_SetSubject function| MyLiveChat_SetQuestion function| MyLiveChat_SetCustomData function| MyLiveChat_SetContextData function| MyLiveChat_SetProductName function| MyLiveChat_SetProductKey function| MyLiveChat_OnUserIsOnline function| MyLiveChat_PrepairInlineChat function| MyLiveChat_ShowInPageChat function| MyLiveChat_ShowInlineChat function| MyLiveChat_ShowChatBox function| MyLiveChat_ShowInvite function| MyLiveChat_HideInvite function| MyLiveChat_AcceptInvite function| MyLiveChat_OnInviteAccepted function| MyLiveChat_RejectInvite function| MyLiveChat_ShowInviteTemplate function| MyLiveChat_HideInviteTemplate boolean| isnewid object| _mlctemp_ object| MlcBuidinWidget

10 Cookies

Domain/Path Name / Value
www.grcts.com/ Name: Actions
Value: 0
www.grcts.com/ Name: CCCustomerId
Value: 1dec1492-f72d-9cfa-c9a2-288279e174ed
www.grcts.com/ Name: __atuvs
Value: 5c94cecd8967ad82000
www.grcts.com/ Name: __atuvc
Value: 1%7C12
.grcts.com/ Name: _gat
Value: 1
.grcts.com/ Name: _gat_gtag_UA_105189975_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.grcts.com/ Name: _gid
Value: GA1.2.1568265706.1553256142
www.grcts.com/ Name: uadt
Value: 1553256144222
.grcts.com/ Name: _ga
Value: GA1.2.1631152077.1553256142

2 Console Messages

Source Level URL
Text
console-api log URL: https://s7.mylivechat.com/livechat2/script/livechatinit2.js(Line 2)
Message:
mlc v20180823
console-api error URL: https://www.paypalobjects.com/api/checkout.js(Line 254)
Message:
ppxo_unhandled_error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-public.addthis.com
cdn.ywxi.net
click.learn.webinarsection.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grcts.com
m.addthisedge.com
mylivechat.com
pagead2.googlesyndication.com
platform.twitter.com
s3-us-west-2.amazonaws.com
s7.addthis.com
s7.mylivechat.com
secure-web.cisco.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.grcts.com
www.paypal.com
www.paypalobjects.com
104.244.42.72
13.111.18.12
2.18.232.15
2.18.232.222
2.23.104.167
2600:9000:2043:ba00:14:6bfc:5740:93a1
2606:2800:234:59:254c:406:2366:268c
2620:101:2002:11f0::1001
2a00:1450:4001:808::2008
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:820::200a
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9b
2a00:1450:4016:806::2003
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
52.218.208.240
74.86.208.240
74.86.208.241
77.104.138.160
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ba2e78928d42ea232778f25e2ec3d91ae16319567171988a53de5324a926b10
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6
0e83403c279067a2e6cf6d83dfc3df7f5f7968a1a9aaa6c015874e8e9e77aea8
120283048dc92e69ab98fb048633bb96065c96866fa7472ce13c90ac93404294
1349d35cb629a932fe00785c3f6ac9454ec4c5cf3b1edcf25b8749ad36ba253a
13dbfdf300dc2a4a5f050c84c87a1c360ead9fb708715a4df026c14ada4c24d7
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff
1b7fd08e7b3e31c51f4cb750385ebe4e4e4304fcfec73b3c05cd8807993f7c60
25f26a54649ee5f6e81451b77ce8299153ce04f2a899377c1a0bddf92250c0f8
266793de59843ad9dfe7e9dde87d0bd59d7ee61a869ed692125078bf07e6ac7e
28f2985c4fa7ab576d6278186d22db973202c61b41f5d5a6e1e58eaa3a87369e
2e4a71ff3717cfe7cb963dba665095fa1686dba27c472266d8ead230a467bcf9
2f83a47c8671fb79baae9dd41ccca6558d538f1f974ecc8b7d5c04d50d81c548
321575a4bb916ac6ce2f5411f36b8a07c3c92514690b8546e9fd166b0617f6bd
349c9eaeb1ddfca43b899f7479defefa32bb049c49f25c9ccaa6432cf0ffab95
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c56e097f3bccbfd5e76fbf8ba03422a8f68e4f068833211283f83e45b1cdefd
3dc7d0be45b8a40f1460a2a55eab70a9640a7d0d10956fe50f03550c8a1f5908
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4069a7285cbc5cdc3682a6dd52cd673ce3957603cef1b0a4b39b86a78ce2c115
41eaef925d345b4d9f771c918bacf5b3af80079d735fb24e0220895c74eaef71
43128d520fe9a1d9ad7d08eac141ee8895eef8842bae155a90fb2e31eba5e147
4519f02071757c2f95fe4dcd5903cd17d76aa5cadf93126367920a7b7d82f2ac
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b4e4315d1362de5b58e49405ff8f628033b225bf52d67b6a5d7ab47410408f8
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
515cc55b2614a40db17c65ebc470cddb276b8806929c5da9d18ce4def29a2b63
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
5673337b9074bd3869f91978cc06b3f25ce40b075610f577018381721ee1fbca
59ff975042a5dbf38cb11f5d4781c61eec10ddb1f4143d8b82f21ac5cfd94923
5d69d0364c9fa1efd3c239e591f03e1140164a83970f78e441c6f10b9f7b1543
64d3fad157d902dd208c192c5645921123ddafa0e61ec8a9bbdfcbcf93ff55fb
666998ff75769eedee58f18e3bad5db4d96124126e179ec5910f371c00e41b57
6cd20a4ddeb3d40bdd6984593c0a64413704381218d072900578ce5521e825a2
6effc91c428a60d6940820dc4d8dacc769dbb1408ef3c8e70abcc4b9a4b6b68e
73f99c8dfbdfc6b193da888cd534f8c8e3ade54626a96e1f98f0b3377c0d26b7
74ac5e4e9c85ea5965755fbf8aaf6c2175d701d0c596498d0e6f049fcb767ed4
7ee0df9347eb23af3c9d058f9339cb4461feb0da35a50a1ac929999c11efed89
8229035e74d41d0082fef092bc6578af85b36e394493619ede9e0c014001664a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
89b98d89fd255ec5b7281b04d3a45be037e272c28014fd58c0aa35d66af5044a
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
9254ff55670c5487d4b0eb97c4d096e66ac417711b46e7632286a8263138a8b9
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a4a0b5fad48c72b1445684e19b3998dac10ae74a940db9b7109d78dd79736e62
a6deebe8c28de9966fffb7f00e01f54468f0fb65e79ccdac3829719c0c9b8ed9
a85a9db03f51fcd2736459e3a8f4b0a37feb396d5881ec131373a868f5c5e62f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a
aedb9481db1a6c9c1a3e0c1a8936bbd32d5a63950f8121770a7215696d999d1c
b7e87ce463ff2354d97ad898b8b306c485d4fcbafe5c512b930fcef1ca1bcb69
b8b87ec7c520653cf79f67b55a45a57a74061f3387d9ce333e5f83ba4b3aef0c
bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b
c21a5dec9d2f3f4d2f72416db946729f545ad60442057b3b825d095a4205ff6b
c38ae8e86afa43d4192adf8b88d4ca770ca6deebab4fec9797a5495778bc0fb8
c6743217c9b525646d77f69bfb8cae859c8191ec933c8f5cae459a338b00fd2b
c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234
c971da8733003f78cd8a2f8436a7c8bdda056e97411ab2c13f6dabec82c2828a
d32937bfdcbaa57da591fed1406b583d64cbe0b4aec235ce90fd9414e1dda2a2
d5963ca7d49707bb5ec833b2a87658b05590f80b9c5b61f656d1a6e6fd653d87
db05a666a8ba378096409d056c660e5d0485b91290541429cdbc4646a8041d88
e085866d187704eb7574395c3bf4ae78dfdc8f189816d2081b9495fd4a12787f
e36177db116e562e80af6d0775e1c22e4f594fbab44eee744f4becb914d3ac48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57825cac153eeca0e0f28fa41b54211b18dcd0a1b1c29a89cb5bcc22f17506f
e75452d9e0c52b2e23fe5e8448de53fae01979a6c73e8ac2ac5355cff7611629
e7b5ed83fcf9bac2aefaaa7b959f01e8e6841a4d7f8a09dd0ac0d327bc5e5c1a
eb06999d8d5e22641673bb9360064eea8cc3e73a0b3bd96a3a5810da72b5d4ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1108913bca82007e60c5311fc508a9be3561de27053e46a64f98bc27037e2e6
f15631a101c7206ffc4842d9aefea372119b8c54d4a2c2c0db98577ff2db7a20
f36e35ffa89c0cdcf18c58e4497db1ca9670025960fa3e0e700131b7afdea645
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be