login.ncontracts.com Open in urlscan Pro
52.189.64.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.ncontracts.com/Dashboard/public/index.html#/NContracts?cId=0rcHC7YJp0U%3d&conId=GyRdUHmJaExnX12WL%2fUpMA%3d%3d
Effective URL:
https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex...
Submission: On January 03 via manual (January 3rd 2023, 5:09:44 pm UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 4 countries across 35 domains to perform 94 HTTP transactions. The main IP is 52.189.64.195, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.ncontracts.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 21st 2022. Valid for: 10 months.

This is the only time login.ncontracts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	52.189.64.195 52.189.64.195	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
12	2606:2c40::c7... 2606:2c40::c73c:671c	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:1e00:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1e49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.214.192 143.204.214.192	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e4:... 2606:4700:e4::ac40:a816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.126 65.9.66.126	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.7 13.32.27.7	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.22.90.252 23.22.90.252	14618 (AMAZON-AES) (AMAZON-AES)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700:440... 2606:4700:4400::6812:2128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206f:0:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.215.95 143.204.215.95	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.171.56.153 54.171.56.153	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:5d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	34.242.58.23 34.242.58.23	16509 (AMAZON-02) (AMAZON-02)
94	45

11 52.189.64.195 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app.ncontracts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.ncontracts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.ncontracts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2c40::c73c:671c (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.ncontracts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

ncontracts-cdn.ncontracts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1e00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e49 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-192.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a816 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-126.fra56.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.90.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-90-252.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2128 (United States)

ASN13335 (CLOUDFLARENET, US)

83340.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:0:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.56.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-56-153.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:5d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.58.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-58-23.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ncontracts.com 1 redirects app.ncontracts.com login.ncontracts.com www.ncontracts.com ncontracts-cdn.ncontracts.com auth.ncontracts.com	536 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 13937	289 KB
5	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 9264 track.hubspot.com — Cisco Umbrella Rank: 4433 forms.hubspot.com — Cisco Umbrella Rank: 5605	23 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3242 ka-f.fontawesome.com — Cisco Umbrella Rank: 5927 use.fontawesome.com — Cisco Umbrella Rank: 1620	36 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 840 www.linkedin.com — Cisco Umbrella Rank: 712 px4.ads.linkedin.com — Cisco Umbrella Rank: 7528	4 KB
4	hubspotusercontent-na1.net 83340.fs1.hubspotusercontent-na1.net	283 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1579	11 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235 in.hotjar.com — Cisco Umbrella Rank: 2246	74 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	243 KB
3	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 16378 settings.luckyorange.com — Cisco Umbrella Rank: 17292	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3658	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 16	565 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1787	377 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	111 KB
2	cloudfront.net d10lpsik1i8c69.cloudfront.net	95 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 7225 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6903	3 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 5951	896 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 7507	88 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5931	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4178	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 8919	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4131	16 KB
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10952	668 B
1	okt.to okt.to — Cisco Umbrella Rank: 72947	100 B
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 79025	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 10421	2 KB
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 21586	1 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 15224	2 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 12274	158 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4442	959 B
1	gstatic.com fonts.gstatic.com	44 KB
94	35

	Domain	Requested by
12	www.ncontracts.com	login.ncontracts.com www.ncontracts.com js.usemessages.com
8	login.ncontracts.com	login.ncontracts.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	83340.fs1.hubspotusercontent-na1.net	www.ncontracts.com
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com js.hsadspixel.net
4	www.googletagmanager.com	www.ncontracts.com js.hsadspixel.net www.googletagmanager.com
3	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	ka-f.fontawesome.com	kit.fontawesome.com
3	fonts.googleapis.com	login.ncontracts.com www.ncontracts.com
2	www.google.de	www.ncontracts.com
2	www.google.com	www.ncontracts.com
2	www.google-analytics.com	www.ncontracts.com www.google-analytics.com
2	www.facebook.com	www.ncontracts.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	connect.facebook.net	login.ncontracts.com connect.facebook.net
2	settings.luckyorange.com	tools.luckyorange.com
2	d10lpsik1i8c69.cloudfront.net	www.ncontracts.com d10lpsik1i8c69.cloudfront.net
2	auth.ncontracts.com	login.ncontracts.com
1	forms.hubspot.com	js.hsleadflows.net
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	track.hubspot.com	login.ncontracts.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.hubapi.com	js.hsadspixel.net
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.ncontracts.com
1	www.linkedin.com	1 redirects
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	okt.to	static.oktopost.com
1	use.fontawesome.com	www.ncontracts.com
1	static.hotjar.com	www.ncontracts.com
1	static.oktopost.com	www.ncontracts.com
1	ws.zoominfo.com	www.ncontracts.com
1	tracking.g2crowd.com	www.ncontracts.com
1	cdn2.hubspot.net	www.ncontracts.com
1	kit.fontawesome.com	www.ncontracts.com
1	js.hsforms.net	www.ncontracts.com
1	rum-static.pingdom.net	www.ncontracts.com
1	tools.luckyorange.com	www.ncontracts.com
1	js.hs-scripts.com	www.ncontracts.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ncontracts-cdn.ncontracts.com	login.ncontracts.com
1	app.ncontracts.com	1 redirects
94	51

This site contains no links.

Subject Issuer	Validity	Valid
*.ncontracts.com Go Daddy Secure Certificate Authority - G2	`2022-08-21` - `2023-06-07`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.ncontracts.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
snid053gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-05` - `2023-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
luckyorange.com Amazon	`2022-12-18` - `2024-01-16`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.oktopost.com Amazon	`2022-09-28` - `2023-10-27`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
okt.to R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
settings.luckyorange.com R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-13` - `2023-01-11`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-10-30` - `2023-10-30`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pingdom.net Amazon	`2022-11-22` - `2023-12-20`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html
Frame ID: 11D6C3C0BBB682C3DF4EE1F190488195
Requests: 12 HTTP requests in this frame

Frame: https://www.ncontracts.com/customer-login-content
Frame ID: C1709DC7C8E2CDB4005944B7EDF5BE77
Requests: 69 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: 6DB20A4BFCFBDBB9FC5C41B260C0838B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 5E57EAF3DC67039BDE330FF5FE937E20
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/83340/threads/utk/443a879ef0c84ac0ada9eb4b914726a9?uuid=01156e18917e421fb37d96c575c27905&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncontracts.com&inApp53=false&messagesUtk=443a879ef0c84ac0ada9eb4b914726a9&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
Frame ID: 6DA1135F6E77D122384EC9285D011357
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Ncontracts

Page URL History Show full URLs

https://app.ncontracts.com/Dashboard/public/index.html HTTP 302
https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashbo... Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

99 %
HTTPS

74 %
IPv6

35
Domains

51
Subdomains

45
IPs

4
Countries

2099 kB
Transfer

6336 kB
Size

40
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.ncontracts.com/Dashboard/public/index.html HTTP 302
https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1640833%26time%3D1672765782319%26url%3Dhttps%253A%252F%252Flogin.ncontracts.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F&liSync=true&e_ipv6=AQLcFzNsbz4edgAAAYV4nDscHIh33dKo0jDlH9x-evUn2NzEH3PS7nEn6vz6XzlnVs2xPQXUNTOF

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
login.ncontracts.com/auth/
Redirect Chain

https://app.ncontracts.com/Dashboard/public/index.html
https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

1 KB
2 KB

422ms
140ms

Document
text/html

52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

6d47438acddd9d2f2340ea5ee9197a1fc5bf6a35b2b39b1c1b5a5bcf511e386a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 784
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
Content-Type: text/html
Date: Tue, 03 Jan 2023 17:09:39 GMT
ETag: "0a425f2bbe4d81:0:dtagent10255221104040649k9Hx"
Feature-Policy: self
Last-Modified: Thu, 20 Oct 2022 19:41:27 GMT
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1235579682"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: Nosniff
X-OneAgent-JS-Injection: true
X-Powered-By: Apache 2.0.59 Commodore C64
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true

Redirect headers

Access-Control-Allow-Methods: *
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 741
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Jan 2023 17:09:38 GMT
Feature-Policy: self
Location: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Server-Timing: dtSInfo;desc="0", dtRpid;desc="901793508"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: Nosniff
X-OneAgent-JS-Injection: true
X-Powered-By: Apache 2.0.59 Commodore C64
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 153ms
58ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7fa895719671f50136115e5a8ac3773e46a820cebce1876a5dcb1fa2f095fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Jan 2023 17:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 16:05:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Jan 2023 17:09:39 GMT

GET
H/1.1 200
OK ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js Show response
login.ncontracts.com/ 345 KB
127 KB 271ms
270ms Script
text/javascript 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ncontracts.com/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

f21f90f0f1de1219b6d20c6133ea5f442bb68a18f8a81b055e33df1880ab4b28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 17:09:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: Nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Connection: keep-alive
Content-Length: 128758
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Server: Microsoft-IIS/10.0
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=28800
Feature-Policy: self
X-Robots-Tag: noindex
Expires: Wed, 03 Jan 2024 17:09:39 GMT

GET
H/1.1 200
OK main.787fe317.js Show response
login.ncontracts.com/static/js/ 635 KB
197 KB 140ms
139ms Script
application/javascript 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ncontracts.com/static/js/main.787fe317.js

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

7542229c6dac8f51fdb4da106b4ea33d345b7fe6304cf92d37323a79efe87df0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 17:09:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: Nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="93360124"
Content-Length: 200756
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Dec 2022 03:58:41 GMT
Server: Microsoft-IIS/10.0
ETag: "806e6a31f09d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=28800
Feature-Policy: self
Accept-Ranges: bytes
X-Robots-Tag: noindex

GET
H/1.1 200
OK main.a7be96e5.css
login.ncontracts.com/static/css/ 310 KB
46 KB 557ms
284ms Stylesheet
text/css 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ncontracts.com/static/css/main.a7be96e5.css

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

75543b4a76f194cda98ca78c7eb3da1ab07e078938690f8643cbb998d5187408

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 17:09:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: Nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="519985273"
Content-Length: 45974
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 20 Oct 2022 19:41:28 GMT
Server: Microsoft-IIS/10.0
ETag: "0a425f2bbe4d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=28800
Feature-Policy: self
Accept-Ranges: bytes
X-Robots-Tag: noindex

GET
H/1.1 200
OK ruxitagentjs_D_10255221104040649.js
login.ncontracts.com/ 42 KB
16 KB 277ms
154ms Other
text/javascript 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ncontracts.com/ruxitagentjs_D_10255221104040649.js

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

bc7b03745f761929af869c573481e525e7ba55dd53efc6e3dba9c498fe6d65c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 17:09:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: Nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Connection: keep-alive
Content-Length: 15710
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Server: Microsoft-IIS/10.0
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=28800
Feature-Policy: self
X-Robots-Tag: noindex
Expires: Wed, 03 Jan 2024 17:09:39 GMT

GET
H2 200 customer-login-content Show response
www.ncontracts.com/ Frame C170 17 KB
7 KB 1266ms
1176ms Document
text/html 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/customer-login-content

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/static/js/main.787fe317.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

dfe0987f2c66b23e1ee0a0a58c6acfd2a82b50b30f94d4c25b1d31cb36fad107

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.ncontracts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: s-maxage=7200,max-age=5
cache-tag: CT-35617585028,P-83340,L-35617250844,CW-35617156324,E-27159815009,E-27159846421,E-27160027186,E-459197040,PGS-ALL,SW-4
cf-cache-status: MISS
cf-ray: 783d57ee9d81914d-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Tue, 03 Jan 2023 17:09:41 GMT
edge-cache-tag: CT-35617585028,P-83340,L-35617250844,CW-35617156324,E-27159815009,E-27159846421,E-27160027186,E-459197040,PGS-ALL,SW-4
last-modified: Tue, 03 Jan 2023 17:09:41 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7peDwcIxeRNXVaD9PRNN%2BG0xe4cKav705zS2QwOdNxuXuKCmq6ulPlxTkkOMkzSPLR4bg8NsRuoB5ZrYN8qUswGSRCiuAzlnajMOFqUHg0Ab2RW3aOxoXWqYiGDIYelucgYKF9s%2F9Q6LaaDXwNITJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: origin, Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-id: 35617585028
x-hs-https-only: worker
x-hs-hub-id: 83340
x-hubspot-correlation-id: a6212cac-ec03-45bb-bda0-3b65f714104a
x-powered-by: HubSpot
x-trace: 2BE4AF6F3EBCDD2A1CEF34597D18027C4AAD1469BD000000000000000000

GET
H2 200 logo-ncontracts-blue.svg
ncontracts-cdn.ncontracts.com/1.0.168/logos/ 10 KB
11 KB 669ms
520ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ncontracts-cdn.ncontracts.com/1.0.168/logos/logo-ncontracts-blue.svg
Requested by: Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cb63139d2e4e99400e3acba385f7e10fa977659f9deb784af04b0cc5e3875a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 17:09:39 GMT
content-md5: mE/7z74VJdvMlxFD6EPVhQ==
content-length: 10518
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jul 2020 19:24:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D82A87182E49CD
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 41ba6f98-701e-0065-3c96-1fcbcc000000
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Type,Content-Language,Expires,Last-Modified,Pragma,Origin
cache-control: max-age=3600
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Tue, 03 Jan 2023 18:09:40 GMT

GET
H/1.1 200
OK where-password.ae3307c004ef06ae02ee.gif
login.ncontracts.com/static/media/ 28 KB
29 KB 142ms
142ms Image
image/gif 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.ncontracts.com/static/media/where-password.ae3307c004ef06ae02ee.gif

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

3b93a2e684628e81e920529075f03e125c09df10f71446f81a6b8390e1b8bfe1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ncontracts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 17:09:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: Nosniff
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="42545541"
Content-Length: 28931
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 20 Oct 2022 19:41:28 GMT
Server: Microsoft-IIS/10.0
ETag: "0a425f2bbe4d81:0"
Content-Type: image/gif
Cache-Control: no-cache, no-store
Feature-Policy: self
Accept-Ranges: bytes
X-Robots-Tag: noindex

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:50:24 GMT
x-content-type-options: nosniff
age: 80356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 18:50:24 GMT

OPTIONS
H/1.1 204
No Content logout
auth.ncontracts.com/ Frame 0
0 425ms
145ms Preflight
text/plain 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ncontracts.com/logout

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://login.ncontracts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://login.ncontracts.com
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
Content-Type: text/plain
Date: Tue, 03 Jan 2023 17:09:40 GMT
Feature-Policy: self
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1062368199", dtTao;desc="1"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Vary: Origin
X-Content-Type-Options: Nosniff
X-Powered-By: Apache 2.0.59 Commodore C64
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

POST
H/1.1 401
Unauthorized logout Show response
auth.ncontracts.com/ 0
1 KB 435ms
154ms XHR
text/plain 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ncontracts.com/logout

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://login.ncontracts.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 03 Jan 2023 17:09:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Bearer error="invalid_token"
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Content-Type-Options: Nosniff
X-Powered-By: Apache 2.0.59 Commodore C64
Transfer-Encoding: chunked
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-430616097", dtTao;desc="1"
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://login.ncontracts.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Feature-Policy: self
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H2 200 index.js Show response
www.ncontracts.com/hs/hsstatic/HubspotToolsMenu/static-1.143/js/ Frame C170 10 KB
4 KB 75ms
74ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9293649926b2fefcc745d0745f7069515068d051a0e5da1a8af0099fcbc2a285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 204734520f5130526e378b271a301fda.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: tYk7zfZxv1cPKMqgfjKc2KKrk..2BkHm
age: 1731984
x-amz-cf-pop: BOM78-P5
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 14:39:49 GMT
server: cloudflare
etag: W/"a058511f8075f32c8de21808866260c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BzD2meVCO7ZRxG0qlYP7gvUaQSDjQ9uzIcshhhg1QQQW%2FzmtirTw55pwi7UgzgdkXwCJG4O2RLnsG5acrEyJuxQGQuyhSmoNVoPtaCVA%2BE5t5oYq6Zu%2BEb4pk9v2vaK1iEl9aQgvSlap0AUcWRXwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 783d57f5ffdc914d-FRA
x-amz-cf-id: DnMYiFCVSCvQxmoCbsJmaWEgNXdB8yPU8Yg1CtnrPvwRXAdGpRzPcw==
expires: Wed, 03 Jan 2024 17:09:41 GMT

GET
H2 200 project.js Show response
www.ncontracts.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ Frame C170 1 KB
1 KB 88ms
87ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age: 26709628
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpJg6r%2F6xMQiIUaKtaoYVMBhOWonziYNw4VGu6KIKfs%2FphbJmKogM%2B3%2BnL2FXeoW%2F6fMVpnj7D2IozYuo4jnd7eYDZri6wbhIs3Uezh%2F1u9gGP6ugQoROAtv%2ByAHfRxOaNyp0ncR2gdvrW8mSZEnbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 783d57f5ffe4914d-FRA
x-amz-cf-id: lW4qF689P3Dc0HMw43ovy8wjZ74uhX_Wh4bq4rNr2huIwgx-yNd3Uw==
expires: Wed, 03 Jan 2024 17:09:41 GMT

GET
H2 200 jquery-1.11.2.js Show response
www.ncontracts.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ Frame C170 94 KB
35 KB 79ms
78ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: null
age: 7837214
x-amz-cf-pop: FRA6-C1
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlNPkibiFWM0NYyR7PKobmF8T95vrp4VxkdX3%2BeQxObbbdtQY2xluXHZjl9kHRkFT29M8%2Bj9fiZ4Xql0k7kWhrdOLOjFSVMpltV53d6HlC8b%2F7ntgGapTsQtJhjNPBB92V2BsInj0JsdctqsGWGYJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 783d57f6080b914d-FRA
x-amz-cf-id: pVS8A_Fv2xLODDpokn5uxFcZdqZ3OD5Rtp9Oo6jqTZwygHnSe3riJw==
expires: Wed, 03 Jan 2024 17:09:41 GMT

GET
H2 200 module_35617156324_New_Login_Section.min.css
www.ncontracts.com/hs-fs/hub/83340/hub_generated/module_assets/35617156324/1608050637075/ Frame C170 2 KB
1 KB 574ms
572ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/module_assets/35617156324/1608050637075/module_35617156324_New_Login_Section.min.css

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c203b1a0c1cca806d24138af7fc60cc15b791603c5eac80879531de5a20849b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5e5b56398a1fcf5517d27e383d71ef9a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: l2SjGA72FfUT0HH0iIaXWkmBnP4huDCn
x-amz-cf-pop: IAD12-P2
x-amz-request-id: 6035SFFDQ82XZP4V
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pkLZvBNTY0WpAJrgB5q6cvVfeQuOOv88v/UMRu8pD05GslSdFumJiXeUWr1iXlV9ZIiOKA1dPvI=
last-modified: Tue, 15 Dec 2020 16:43:58 GMT
server: cloudflare
etag: W/"458423647b2c3947e7a9f63315a7a0f5"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1608050637075
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2C1CzHobnp7t9ljqS5Zd19CuL37xTBPa6DNAvQpXXQT1Hd3QRuYmZz31YG%2BRZQUQk2Me88GiBwg5M1wkGsN7mmsOmPBxTknDGbJJeCroP6TXVWTOSIWChsbbefeBbeEdlrcW%2B5IgklbhQfr8B01iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 783d57f61816914d-FRA
x-amz-cf-id: Yjk97b9osKJzNnWMkiZaHtxYFCPgzUTDn7SYy3ibKHJRpwtwCJOIVw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 83340.js Show response
js.hs-scripts.com/ Frame C170 2 KB
959 B 244ms
189ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/83340.js
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131cac7876b19d02347ebb732228565b819f3d4468242cb5a512fc79a7c4b663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 03 Jan 2023 16:29:03 GMT
server: cloudflare
x-hubspot-correlation-id: 3548d362-d4bd-418b-9b0c-e198bd20aafe
x-trace: 2B0454A64315C3684D9D26953A449CC5FBB4CC9A70000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.ncontracts.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 783d57f9fd9fbb8f-FRA
expires: Tue, 03 Jan 2023 17:10:42 GMT

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ Frame C170 11 KB
5 KB 118ms
21ms Script
application/javascript 2600:9000:2057:1e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=47aa9f76
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da34f6296bcad0af467d8776d377de8dabe85d985dcf5a11507a4439d6bbb571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 16:37:05 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Mon, 10 Oct 2022 21:25:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 1957
etag: "48be70be7c53713f09434cac27c37598"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4300
x-amz-cf-id: _kAQRFIlQBUnXFNYvrjud8Pn9sfIADzcRqCzKJlVLsXbG2QZSAOwhg==

GET
H2 200 pa-5e4c5ea266850900080004dc.js Show response
rum-static.pingdom.net/ Frame C170 6 KB
3 KB 222ms
170ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5e4c5ea266850900080004dc.js
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b995a6e1ba25e7f309c10c3b83cdaa050854a37f0c7704ba68d83c30a17ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 783d57fa293a906d-FRA
expires: Tue, 03 Jan 2023 17:14:42 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ Frame C170 508 KB
158 KB 117ms
58ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dd69c5677dc2817f1975f4f1d97f0883c62002c66d622880684acdebdfbb6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
x-amz-version-id: fcZIZVQUECKyyC98r5SaFFuC6GW_zggG
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 562
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2522/bundles/project-v2.js&cfRay=783d4a3d2acf924a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 12:17:00 UTC
server: cloudflare
etag: W/"e0f721602881d54fc52ba466f75131ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq02epeQ9Y3dw7tdtaN0i5NMyOYOmvTrrZpRlF8bRrrPqblEGN97qmFSuWr%2BSAkVUdd5S0uGAexm9ymSza7ZTeYYsSHUe2azlaK06B1MYrK4Pb0%2FgoG4Am9x9eQiWDqZoK%2BQUh3z%2Fmik3fs7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 783d57f66ea8921d-FRA
x-amz-cf-id: qs0pVbiVX7unaI0mwwDTnTMjmvcVT1Q80Aiwkj0rhobUWPZuOUdhIQ==
x-hs-target-asset: forms-embed/static-1.2522/bundles/project-v2.js

GET
H2 200 52b962c594.js Show response
kit.fontawesome.com/ Frame C170 11 KB
4 KB 145ms
92ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/52b962c594.js

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11cf7ac99ec50b2233db060316c4ce6413571b130de0b4a501c12653e8c62ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.ncontracts.com/customer-login-content
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 783d57f66ccf9bee-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FyKaEXOA7XCAgFatAdJi

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1672756924272/hubspot/hubspot_default/shared/responsive/ Frame C170 4 KB
2 KB 128ms
78ms Stylesheet
text/css 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1672756924272/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8785
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 03 Jan 2023 14:42:05 GMT
server: cloudflare
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1672756924952
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJnmrC4LYm2z24MP8dEJHY3atpCZ%2BMcp8L%2B7izzaGFAZqMpg57Cu4BSrikXboB%2BfxcFBjpxUkJNo79bx0ZwO%2BsnKaKDoo78hQ9fsnK4ycsuMzuZUHeskVfpgIpdBOyPOLmDYzofIW2tllRzEYH0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 783d57f65b6f2bb8-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 Manufacturing_style.min.css
www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159846421/1664982120633/_TEMPLATE_PACKS/Manufacturing/Coded_Files/ Frame C170 204 KB
34 KB 334ms
333ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159846421/1664982120633/_TEMPLATE_PACKS/Manufacturing/Coded_Files/Manufacturing_style.min.css

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f262c6b4a18b35f7ea7bc4c07e205a378b44fd86324a03444e642a3fa05b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 615f410a3a080a335933e9fa08c15260.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _tk3a2zjr2htOkuhnM9h5bwPU5chgreu
x-amz-cf-pop: IAD89-P1
x-amz-request-id: RQ2WCQHCTBTZTV1J
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: eb6irmsoCddbx8quhpIOrR6NmVZBK/M8ExIzEA5j+/Cs8itpF3+i+vRQBRyxuTYLvB/rK0H49tY=
last-modified: Wed, 05 Oct 2022 15:02:04 GMT
server: cloudflare
etag: W/"984ff0fe49b95eba9509bd9c5a5bfd7b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1664982123479
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HawuTKp91Sp17brTwSuuPbU4P%2Fl6xBX%2FhdkUWwB06C7NN%2FnVhBZY%2B5hloldWBLhftsSr3hpJ7MIDnhzTEe7I8IO%2B0h2%2BiOUZQFy5%2BUw1Z8N4ysizo0R1unefgxcQidx8gEufUAdiXxK2Q6SXfriP%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 783d57f61819914d-FRA
x-amz-cf-id: 063St1gCdZ1pWN6wfpMB19jTgLDVOROfYtf3A_isCgzNIs3DdlI7gw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 footer_new.min.css
www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/ Frame C170 42 KB
10 KB 312ms
311ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e0bd6f3021979ccacae0b5eb7a4214b375e60441874ae11e1d35e575151285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6e44ac4753bea102fe3aae286f68acfe.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3f2wwUKzCHrRWTOfWcxEonW7EbDRHflu
x-amz-cf-pop: IAD55-P1
x-amz-request-id: FQFT1NHK341372NV
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4h2NjDSQI4pPIJOfvFv6rIlAoEkphcLCD6EOXQLfWN6O8s6bkAfbHkkKKs7ZnNAxa1JsL1dfeI4=
last-modified: Tue, 22 Dec 2020 05:20:43 GMT
server: cloudflare
etag: W/"7053d7ee43b4a5fc6bf697271b656922"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1608614442472
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYZ2mIW8qE%2FUWCM1tFQqKU%2BRc5MpeMm9AHWjFnz8eACJjWYzBC39OP8QptCvpu%2BMt3pwC0AeILmOi0AK3kS7nmupXk%2BRxND%2B2NLIzF0VOajPdsfLT%2BMpkiAwW5Xs4ya9GFURFDRGmWbrx35YMUQDDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 783d57f6181b914d-FRA
x-amz-cf-id: 5IpZKg3utAcL7vT6eA3mgs5iVh-4ZCAXNCvQoxzF_dEIvTq6Blx9uw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 Toolbox@1x.png
www.ncontracts.com/hubfs/2020%20Login%20Page/ Frame C170 1 KB
2 KB 924ms
922ms Image
image/png 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncontracts.com/hubfs/2020%20Login%20Page/Toolbox@1x.png

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ba5d1a4a7949b7c87c8365121ff8b9961a81b82daccf7a7424b211091f21e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-35956442977,FD-35956442915,P-83340,FLS-ALL
x-amz-request-id: Z87NA5TAX07VJBP0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35956442977,FD-35956442915,P-83340,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "86209e89dd120a7dd8367f21c4fc1d25"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1602512931354
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: qVCQqnBgyw2J3JVYRJxSRJeZ_ok70PO.
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-35956442977,FD-35956442915,P-83340,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1159
x-amz-id-2: emTkiCq6hYDVir+dGFULEd0G3XY1NRjy0eluwZXlXwrdlg1gb4OOxwJEvQrBF7I0G5HTiQtR/Ug=
last-modified: Mon, 12 Oct 2020 14:28:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfzdPagnhwbKnvAfkni0yDtULCveDFiBkrEIoQVKMtrkjt4vMPkEmi4YgGus2aNE3%2BE1naQyR7WJRit0DeKpswhy3rm91RRnNl3YUeA%2FWzYcUdmXSlnd6%2Fr8NK8a8m9GXihe1UwbNPRZhZRTc8LFaA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 783d57f9dd26920d-FRA
x-amz-cf-id: JkKNs5NJqG-PbuFX9MbsFx4ZLKZKlrkSzL5NhFWB2ixQiN8iaKMAgw==

GET
H3 200 Checkmark-Circle-Copy-2.png
www.ncontracts.com/hubfs/ Frame C170 2 KB
3 KB 1119ms
1117ms Image
image/png 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncontracts.com/hubfs/Checkmark-Circle-Copy-2.png

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce69fabe20033c2de82b3a2fd1ea8b7b6cfb92541b21260523fcf1cb08cadb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-30007156233,P-83340,FLS-ALL
x-amz-request-id: Z87S37F8B36R0SPJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-30007156233,P-83340,FLS-ALL
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "6f2cfe85d97352ae40c1d6a3eb8872bc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 03 Jan 2023 17:09:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vIf_rHIWRVJM1R2k5iFBTX31nqVOUA7k
x-amz-cf-pop: FRA56-P7
x-cache: RefreshHit from cloudfront
cache-tag: F-30007156233,P-83340,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1765
x-amz-id-2: 11r/H3lS3Y0B5dJ5F0cKzClDP9iVTsWInUYaqDiEgfU8JAy5mciHJGAsJp6VY8d6AvR1WjVlW7ju7tSZ/QiC6A==
last-modified: Tue, 02 Jun 2020 09:38:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv0BGsxouFB1D8jSMQQM6wcpxyyydbxubvdVEVFEllNACooEuWUhViuS6BmJZZY8EeEDTI66CN7wDS0xAmM3NPwUR3oTA0QVw%2Fun%2BSn0P2LbUu5icBwg%2FB76ySjXMfMduuwVHmyTlaU2%2B3wdSw%2FlxA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 783d57f9dd27920d-FRA
x-amz-cf-id: 5v9iDHTVeP8GRqXL-mXtZdovlbaENHzvyhB2I3WlosCOg8ySNO6ahg==

GET
H3 200 Manufacturing-main.min.js Show response
www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27160027186/1601618294216/_TEMPLATE_PACKS/Manufacturing/Coded_Files/ Frame C170 4 KB
2 KB 651ms
651ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27160027186/1601618294216/_TEMPLATE_PACKS/Manufacturing/Coded_Files/Manufacturing-main.min.js

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfb45ec15963a82bd3b4858017f1bd0b4229995a9709f7d8f692457bb16898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4685cae701bd588fa0176a1c8b1e52f4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G_V0X25yIiQAxjB8ChcB8H0vTVjlKS2J
x-amz-cf-pop: IAD12-P2
x-amz-request-id: TRGCF3C83Q64RJ3V
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +NxvWVXLWKkFViKqrnk/HeMKLa9lMEkoubFVtclTfc8J90rHNguM9kw8kXtPf6jmX3EmgtCQqvM=
last-modified: Fri, 02 Oct 2020 05:58:15 GMT
server: cloudflare
etag: W/"1f194f4f068d31da437119ad04a037e3"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1601618294216
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VicXayU6ZwNsawfu%2BM69bLP58OsVNY96sfqOi8zhcIMjqN7WePWMFOjNFOFED2s2irAU7RaODDkrZgneCKlSIhuxd4UUUwq%2BOoZfswbi96%2BfxX875SRmvAfsvH3ArxJIFG406imVsHM95%2Br95qyJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 783d57f89b63920d-FRA
x-amz-cf-id: pamsZA-D__Gk_FNaDj0PP0J6q5JOissHC4joRqlkG1s4tgcxWLly0g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 83340.js Show response
www.ncontracts.com/hs/scriptloader/ Frame C170 2 KB
1 KB 190ms
188ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/hs/scriptloader/83340.js?businessUnitId=0

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

131cac7876b19d02347ebb732228565b819f3d4468242cb5a512fc79a7c4b663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ed4de782-b610-44c6-9924-292b37b2bfc9
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 17:09:42 GMT
server: cloudflare
x-trace: 2BC69DA933258EB71430FB777F372EC8B69CA8FFEC000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.ncontracts.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sc86JUojvm0XofmS3lQNbhC6U3pF1JZdol2%2BK2vBmUepBX2qkqAfxprrDZjb9lmazuX3uIINlaCSV1lZaI%2BeFMZrQ0d7cV5Dx1955QQh%2F6xTaJKizOoXTWLlUAHN8fPyVWnfilnlNQJ72muYld%2BpNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 783d57f9dd2a920d-FRA
expires: Tue, 03 Jan 2023 17:10:42 GMT

POST
H/1.1 200
OK rb_bf76460olz Show response
login.ncontracts.com/ 123 B
1 KB 145ms
144ms XHR
text/plain 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ncontracts.com/rb_bf76460olz?type=js3&sn=v_4_srv_15_sn_BF197522169DAD75C9414FF59C1706AE_perc_100000_ol_0_mul_1_app-3A01ff57afec3ccf4c_1_app-3Ac3f4b3b9a73eca17_1_app-3A1b4bbe8313933a77_1_rcs-3Acss_0&svrid=15&flavor=post&vi=HCCPKAISNFAUNWKUMLHFLQFMPPGJHPAK-0&modifiedSince=1672752933264&rf=https%3A%2F%2Flogin.ncontracts.com%2Fauth%2Flogin%3Freferrer%3Db8a966ff-ba2d-4302-bbe4-08290a0e11f4%26ReturnUrl%3D%252fDashboard%252fpublic%252findex.html%23%2FNContracts%3FcId%3D0rcHC7YJp0U%253d%26conId%3DGyRdUHmJaExnX12WL%252fUpMA%253d%253d&bp=3&app=c3f4b3b9a73eca17&crc=566175923&en=iqb123uz&end=1

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

4c1684e6209c0a79fbf7fefd5d5dfc4e40f7c150ff8a048d3bce346bdc18b0bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.ncontracts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 03 Jan 2023 17:09:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: Nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store
Feature-Policy: self
X-Robots-Tag: noindex

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame C170 147 KB
54 KB 92ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5CWJ9K

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a74a3403ba582ac59892878f4de06d247b45b05c609fe77b60896c631424e4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55270
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Jan 2023 17:09:42 GMT

GET
H2 200 5143.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ Frame C170 16 B
1 KB 216ms
153ms Script
text/javascript 2606:4700::6812:1e49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/5143.js?p=https://www.ncontracts.com/customer-login-content&e=

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: b4cd0d4f-065c-4e9f-b5f5-07508b2a724e
x-runtime: 0.004155
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 783d57fa3b9791e3-FRA

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ Frame C170 5 KB
3 KB 99ms
22ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 16:22:35 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 2827
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: F-h67rLeUTtURmlJ_ZBxYYl2wu4z0ho8gE8h2Un90ffa5Ny7WJpEQw==

GET
H2 200 pIUYSip8PKsGpxhxzC1V Show response
ws.zoominfo.com/pixel/ Frame C170 2 KB
2 KB 257ms
196ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d9b44d638fb6525e7083d11833191b3b0caeaf8963ac8f0750a6335df1c1256b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 783d57fa3e3d9030-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame C170 59 KB
13 KB 89ms
32ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=52b962c594
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/52b962c594.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 71bd5e55a3de237ad7e672fa39086756.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: BOM78-P6
age: 1797410
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV0C6M9d1JVH4xpncY7V%2BjtDutrlvwXRKW92y4SteqtyWWkdCN4DK0bUWajR5ZY5GiSlmG5pmOMbkq0EDDvbvzSexVw56GvJ7BJb7OLrxFPrWQQ8Y1MzU3tmMuTX%2B2hcjJtzzAjociG1Aee1KjSq28HgEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 783d57fa2d5c91d5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Cxuch4CIn1Gh1IReZ7Xb6DETjW6mciCI2hm04dvYbGshg1AFqgOUmA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame C170 26 KB
5 KB 91ms
34ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=52b962c594
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/52b962c594.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 1633707
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xW50i09ecBByz7z9p6%2BlMSzOONIfc%2FfPaV7TPfzPM2NOtujjZ25pdL19qYRqwlOJZ30%2F7Zs4%2F62tTBTRS0cVwQl1m%2BF5TysgFgLFjNFu1RwaHWGuFB%2BmD94zcrgTPgr34VvITbEMu0wbIE1DbWTKqGQVkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 783d57fa2d6191d5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 3DgOwzIzgwn_XLw_JMGw-E7dfLZCVqGCgVtBmHw_58ODkRmiM3pEUA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame C170 3 KB
2 KB 88ms
31ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=52b962c594
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/52b962c594.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 9729302
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65y1e2YK6dQc%2BB95zCXfSJc8udKkrgP1DT6h7yqiyYqyFSP9anr5N0H7OquW7thgmfuaWeNpbDAq8ri1nJBV2SlaOhSE8iEfV5ADr6kiMEJ3mj1jWPvYMc%2Fd3XLNJ5i1wXb3ywSx%2FXIYv%2BF4yrBn3%2Be5gw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 783d57fa2d6391d5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0sp6In9DVCX2pOeNnxa45mP60hjnMwZcaqIpeuTImWGD946mGyPR4g==

GET
H2 200 oktrk.js Show response
static.oktopost.com/ Frame C170 9 KB
4 KB 92ms
21ms Script
application/javascript 65.9.66.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 05:22:02 GMT
content-encoding: gzip
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 42467
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JtOKPrJJa8ZKJuY66RYbTwoekAR_gbZt4_pd-YTJcStjqoCkTqAZtg==

GET
H2 200 hotjar-3254782.js Show response
static.hotjar.com/c/ Frame C170 8 KB
4 KB 130ms
59ms Script
application/javascript 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3254782.js?sv=6

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-7.fra56.r.cloudfront.net

Software

Resource Hash

aa078ce1dbb919f5f1127ce3195096b426ad3119a14f26361322e030a3bf8be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/adff9940744426b2b20ad32eecf06be1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: k__JxcjERdFS1gOSe9wsnVBvQkLxcaBjhWcK6ngTW-wX-1SuKIo3Jg==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ Frame C170 54 KB
12 KB 99ms
42ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TMQZWQ49A4V7W6XS
age: 29764225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VnaScKxV6Dz5Jdu/TGmhaFLj4h9yCM6T81Q9rAHQiagOYgIHou1a4X5fZ6ozf8zx+qVWhLivI+c=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8xmv07%2Ff4iGVX6cizv6LaZAuxjSBPqMH03C2UQocno3lNv8Dss4mseZoHzb9UebfzD3HGXXe%2BH8XSUeZGZV36S%2BYOYTJvYQt3o7oLcyimRvY88kToQ7M%2BCm61ho2aAvHJiK9oMogOBwpz2myy%2BUBLG0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 783d57fa3a8c6987-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame C170 30 KB
1 KB 133ms
60ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 16:55:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Jan 2023 17:09:42 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C170 53 KB
2 KB 135ms
62ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

602830dab5a2a34657d51ead63e871a0aa0929336dc83ba823fec73815874ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159815009/1608614442472/_TEMPLATE_PACKS/Manufacturing/Coded_Files/footer_new.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 17:09:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Jan 2023 17:09:42 GMT

GET
H2 200 ping Show response
okt.to/ Frame C170 0
100 B 357ms
123ms Script
text/javascript 23.22.90.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fcustomer-login-content&aid=001oh4srtq3p5g2&ts=1672765782146

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.22.90.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-90-252.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
settings.luckyorange.net/ Frame C170 25 B
668 B 220ms
157ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&s=260947

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7954754ee5cde5d9c8ba7781b4a0f4427ca8fa7c1d54123c3a16320a653aa6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.ncontracts.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfIRFlE2RRvJEpURrOetg33jP%2FUraDImZQUKcj8d2PKp0NlmRrTOFg8ZXrYOJmAos74TGGi4C2D79gMGUtbIf4okPxGyMM5OmW6j46nof3TqAFxAbzYyx67VYqLdApjWUy52T8WXWaMDkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 783d57faeff291f3-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H3 404 47aa9f76 Show response
settings.luckyorange.com/ Frame C170 9 B
23 B 70ms
24ms Fetch 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/47aa9f76
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=47aa9f76
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer: https://www.ncontracts.com/customer-login-content
accept-language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-lucky-referrer: https://login.ncontracts.com/

Response headers

access-control-allow-origin: https://www.ncontracts.com
date: Tue, 03 Jan 2023 16:29:05 GMT
via: 1.1 google
access-control-allow-credentials: true
age: 2437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9

OPTIONS
H2 200 47aa9f76
settings.luckyorange.com/ Frame 0
0 189ms
136ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/47aa9f76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://www.ncontracts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.ncontracts.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 google

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame C170 1007 B
650 B 89ms
24ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5CWJ9K
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 03977ba375b0bf22db454b0a7813a24d4a5f7e51cc74bd2b3453a6a2aa3bcb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2023 15:53:24 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=73390
accept-ranges: bytes
content-length: 482

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C170 103 KB
28 KB 81ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Jan 2023 17:09:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: h/LgPP28w+65XkUdoa2LI+5u2f8Tm2l3tp/wrF7IPyilI2XiGslgpKodHDpfEsbJ8nh9e1xWlo1u8F9buy/NNg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Gotham-ExtraLight.woff2
83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/ Frame C170 14 KB
15 KB 227ms
163ms Font
application/font-woff2 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/Gotham-ExtraLight.woff2
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159846421/1664982120633/_TEMPLATE_PACKS/Manufacturing/Coded_Files/Manufacturing_style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8423b7207fcde819e316156a718544921ea09d7a5864bcc3887260a74514ea79

Request headers

Referer: https://www.ncontracts.com/
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-28204082610,FD-28238182226,P-83340,FLS-ALL
x-amz-version-id: Cn8yyLqXwm6M_tSGpTBWUYlWF5pEFcwd
age: 132456
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-amz-request-id: WPF3H4BE0SZRPAQG
edge-cache-tag: F-28204082610,FD-28238182226,P-83340,FLS-ALL
cache-tag: F-28204082610,FD-28238182226,P-83340,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 14696
x-amz-id-2: lzE6GKcVFP0w4qju5FW+UUGIsOkmV5tdSmCRC0YyhK1h+6tBoOfNoyqa6qrOXdVtwRC7PIiUhEk=
last-modified: Fri, 10 Apr 2020 09:38:01 GMT
server: cloudflare
etag: "087346eef6a1f3e26e46627240859e6a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 783d57fb3efe6955-FRA
x-amz-cf-id: 3okUQpj7pth2CCrh6e_xLMUvWetcDyLOoRa96pXh8f50kt5fXmb_Hw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 Gotham%20Bold.otf
83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/ Frame C170 124 KB
125 KB 246ms
183ms Font
application/x-font-otf 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/Gotham%20Bold.otf
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159846421/1664982120633/_TEMPLATE_PACKS/Manufacturing/Coded_Files/Manufacturing_style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b3795f97ee469c9e30430b54d35c11cdf28c96e3e71d0122e37e6bf025c0b8

Request headers

Referer: https://www.ncontracts.com/
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-28238272371,FD-28238182226,P-83340,FLS-ALL
x-amz-version-id: pKaZ4ThM2syG0VgHOWatqeFgQTVhweL5
age: 32521
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-amz-request-id: F0C1XGMQS1W4XE3J
edge-cache-tag: F-28238272371,FD-28238182226,P-83340,FLS-ALL
cache-tag: F-28238272371,FD-28238182226,P-83340,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 127472
x-amz-id-2: GQTHlJ0BXstHeA+A6e69t+Kbsm6eSMloglDK4AOTn2Wdf/6zc3qGg28kCZTgnVMxFUjbGb3fYOk=
last-modified: Fri, 10 Apr 2020 09:38:04 GMT
server: cloudflare
etag: "722c5f898bbca8b2eb3fce0287688326"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 783d57fb3f076955-FRA
x-amz-cf-id: KF06doKJ5q3q5Ta16VuwAdwjf6eggyfWSZ76oSjeRRoKZR7JoesQ9w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 Gotham%20Light.otf
83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/ Frame C170 123 KB
124 KB 203ms
139ms Font
application/x-font-otf 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/Gotham%20Light.otf
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159846421/1664982120633/_TEMPLATE_PACKS/Manufacturing/Coded_Files/Manufacturing_style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170

Request headers

Referer: https://www.ncontracts.com/
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-28238182234,FD-28238182226,P-83340,FLS-ALL
x-amz-version-id: GQeQTbMsve0WCneJj303AEeUnq3qfkJG
age: 132456
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-amz-request-id: Q80BQ1GNN4J0CKDW
edge-cache-tag: F-28238182234,FD-28238182226,P-83340,FLS-ALL
cache-tag: F-28238182234,FD-28238182226,P-83340,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 125704
x-amz-id-2: HqYqTfnWps8AZAYHqng8llg/amjUE8EOo/HVT2k/8FiPAJYuvj4gmLcsLZJ5vQEyGmjoZi+zudVeHPPLsWmeZA==
last-modified: Fri, 10 Apr 2020 09:38:04 GMT
server: cloudflare
etag: "bceda3fae660177ae570735feec62811"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 783d57fb3f0b6955-FRA
x-amz-cf-id: NlVHjsqkRNClgvVcwF3gJNBRg0sUN6mgxrYg2OedKZ-XznqruYdhbA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 gotham.woff2
83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/ Frame C170 19 KB
20 KB 222ms
164ms Font
application/font-woff2 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://83340.fs1.hubspotusercontent-na1.net/hubfs/83340/Fonts/Gotham/gotham.woff2
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/hs-fs/hub/83340/hub_generated/template_assets/27159846421/1664982120633/_TEMPLATE_PACKS/Manufacturing/Coded_Files/Manufacturing_style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90c251bb0d6ac5249279f6e388dd65e6bf87f338c6745ac245feed471d3e2f75

Request headers

Referer: https://www.ncontracts.com/
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-28238083256,FD-28238182226,P-83340,FLS-ALL
x-amz-version-id: JJO4Bba6U9RlMWGy86kzT0.wHfEFL0AN
age: 132456
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-amz-request-id: C8H85HZ1EWS16CGD
edge-cache-tag: F-28238083256,FD-28238182226,P-83340,FLS-ALL
cache-tag: F-28238083256,FD-28238182226,P-83340,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 19632
x-amz-id-2: JcSrsPIoTxj8NwuFe2aQ/7N9wp7Ru4yRdnTu+Nc9MpOe2WcLfJCaHUzWT9DFhv2Xl9A3Vg4J4Uod1mH9ftdWbA==
last-modified: Fri, 10 Apr 2020 09:38:02 GMT
server: cloudflare
etag: "c1c241f75e3f6a3ca85de5a7ac4e0559"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 783d57fb3f0c6955-FRA
x-amz-cf-id: -z0qqJ50Bkpq35F7qXtaG44v9IK5DB8MfmOWPfvh6JPgJbAf6tvmZQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ Frame C170 264 KB
68 KB 87ms
26ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3254782.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1069357
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4b18TirdzLr-nizSzccWNiGajSYQyMLqD_w8K2s8VLqzJoxShrT3MA==

GET
H2 200 83340.js Show response
js.hs-banner.com/ Frame C170 60 KB
16 KB 478ms
430ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/83340.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/83340.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ec8e941fd9c4cc9196f771e1f1521c99b50f45cd35df95ae3fc9bb455653aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
x-amz-version-id: GbvHCzYAexJ.Qel5JBkqftEYTkmONc3c
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: BY1Q5ZP8VMPGPH9R
x-amz-server-side-encryption: AES256
x-amz-id-2: 7zbpF3aojKmO+3D+gPklj3Ip1K2EQK4x7pydjBzXVd/Tv5xmxDKr1wy8q5dygF/aTKJzIi2++bY=
last-modified: Tue, 25 Oct 2022 19:52:42 GMT
server: cloudflare
etag: W/"0f67a1d306db471f5a9827c681611a07"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.ncontracts.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 783d57fb7a9e8ffb-FRA
expires: Tue, 03 Jan 2023 17:14:42 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame C170 73 KB
21 KB 86ms
32ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/83340.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6316a4374bb7214efc3e9381f4f3765093e486b19917e460025c3735e61209c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
x-amz-version-id: IRBAourqhsvPJ6n.778Qz1e7WZv1jTSX
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 527
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11630/bundles/project.js&cfRay=783d4b1c59f4904c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2023 04:00:40 UTC
server: cloudflare
etag: W/"b4d04a32ffe7f4d8bf7e0bc89d246ef7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 783d57fb8c6c900a-FRA
x-amz-cf-id: IUZaBwVmpaVgWoW9rn2jNalr0EY-7edlLQ8vvGwX8S1O3qlJnFsR3g==
x-hs-target-asset: conversations-embed/static-1.11630/bundles/project.js

GET
H2 200 83340.js Show response
js.hs-analytics.net/analytics/1672765500000/ Frame C170 67 KB
21 KB 223ms
173ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1672765500000/83340.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/83340.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e222eca142f632919a27690d88ec6f73f98d4bea48c046c17d19a7b129c58429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3QNA50XYSJ62SRXH
x-amz-server-side-encryption: AES256
x-amz-id-2: 928KwQlHBYDHYscqA0lkFIOm5qnQEv3E/WXtDBbgr4t+Hh+fjUXSrz4Mu3PUtFyHIcWBdaVPSQA=
last-modified: Thu, 01 Dec 2022 14:01:17 GMT
server: cloudflare
etag: W/"6f9a1732e88e9dc3a1cd2bce0a63e630"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 783d57fb89805ca4-FRA
expires: Tue, 03 Jan 2023 17:14:42 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame C170 6 KB
3 KB 83ms
33ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/83340.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04fcb0932b99d355532ecdad3ff051e3c503b176dc1176dddc017e7f1523516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
x-amz-version-id: Pzk5Y6yW4FTLubLBTP3MgGAHjRxytAJ0
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 285
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.304/bundles/pixels-release.js&cfRay=783d51051aa91623-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2023 01:54:30 UTC
server: cloudflare
etag: W/"83a5a8783c71c1074cc34ecd8c8615de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 783d57fb8c2f6951-FRA
x-amz-cf-id: _-5U0b1AH6CfazPD_uKN7-JY4IbcN5KwKHGcDYShPQAp8qTUXQGwcQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.304/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ Frame C170 548 KB
88 KB 101ms
47ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/83340.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05da620e7bac78cd141e1a7f7005bf9e1eaf93837514ff265d5efd9fdda7ee11

Request headers

Referer: https://www.ncontracts.com/customer-login-content
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
x-amz-version-id: WdFozKBx4SUx.lzBGe8mkR8wgVUrEMev
via: 1.1 6d5b0fa46ef77b2ff227bdbcee6603ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 28334
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js&cfRay=783aa43b0af9915c-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Nov 2022 02:20:30 UTC
server: cloudflare
etag: W/"74fae7dd863591ed0e85827bc178f500"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 783d57fb9ce69b9e-FRA
x-amz-cf-id: 2qPdg6oI7HVMcwhMYm_s_rOviSVqyJP9Ab8ZBGaiByhTyh_6e1t51g==
x-hs-target-asset: lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame C170 13 KB
5 KB 23ms
23ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3fe29b8c78990a7b9438b55099db5603e79ad1438a8c3efab09cedf8eb415b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
last-modified: Sun, 01 Jan 2023 17:38:29 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74142
accept-ranges: bytes
content-length: 4773

GET
H3 200 253975055922633 Show response
connect.facebook.net/signals/config/ Frame C170 292 KB
84 KB 235ms
211ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/253975055922633?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19a94eaca1c45c738d3e4903c37745ef50af48e0c3fede3f11b1a45f20eefe53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Jan 2023 17:09:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: anocOZ+TDHQnn3xn4+5C0Vl7DKL4XjCYEiEl5vNyWu40MwI7rXrfHghPQurNn9uj2+jGYFd05EbG+AWSy56Ifg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/1640833/domain/ncontracts.com/ Frame 0
0 90ms
21ms Preflight 2600:9000:206f:0:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1640833/domain/ncontracts.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:0:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ncontracts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 68487
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 02 Jan 2023 22:08:15 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-id: L-WpBSmRDOysBlSy5MUBLFyOGPLngrygJoJp6hTTkDybhoW8BCe6qw==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1640833/domain/ncontracts.com/ Frame C170 36 B
377 B 23ms
22ms XHR
application/json 2600:9000:206f:0:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1640833/domain/ncontracts.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:0:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ncontracts.com/customer-login-content
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Jan 2023 12:02:28 GMT
content-encoding: gzip
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 18434
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=24608
x-amz-cf-id: -qJepEZLNyoGz8sKLf65aZxvcjSQ2yy1e7LJYje7nDwVPKpdP2V08w==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame C170
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1640833%26time%3D1672765782319%26url%3Dhttps%253A%252F%252Flogin.ncontracts.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F&liSync=true&e_ipv6=AQLcFzNsbz4edgAAAYV4nDscHIh33dKo0jDlH9x-evUn2NzEH3PS7nEn6...

0
483 B

231ms
170ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F&liSync=true&e_ipv6=AQLcFzNsbz4edgAAAYV4nDscHIh33dKo0jDlH9x-evUn2NzEH3PS7nEn6vz6XzlnVs2xPQXUNTOF
Requested by: Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5B9CB0D36BD845C492F2C3C9870C618A Ref B: DUS30EDGE0417 Ref C: 2023-01-03T17:09:42Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxXyJKfIcGW+mt6ul3Uw==

Redirect headers

date: Tue, 03 Jan 2023 17:09:42 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4D26630C5874486F919555CA1BDE68C8 Ref B: FRAEDGE1214 Ref C: 2023-01-03T17:09:42Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1640833&time=1672765782319&url=https%3A%2F%2Flogin.ncontracts.com%2F&liSync=true&e_ipv6=AQLcFzNsbz4edgAAAYV4nDscHIh33dKo0jDlH9x-evUn2NzEH3PS7nEn6vz6XzlnVs2xPQXUNTOF
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxXyJGvLrs5aTiEzbawA==

GET
H3 200 widget Show response
www.ncontracts.com/_hcms/livechat/ Frame C170 3 KB
4 KB 210ms
210ms XHR
application/json 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncontracts.com/_hcms/livechat/widget?portalId=83340&conversations-embed=static-1.11630&mobile=false&messagesUtk=443a879ef0c84ac0ada9eb4b914726a9&traceId=443a879ef0c84ac0ada9eb4b914726a9&referrer=https%3A%2F%2Flogin.ncontracts.com%2F

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b0edf2697a7e316f3032179ab8797e80d01ec950b2d3d636438defd1df5df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ncontracts.com/customer-login-content
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 259458ae-e242-43bc-90ce-930251d40660
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BA33A786DFB35303E8FD7B21601DEBDAC7163D88A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3j6frKrxZdIrELkUkM%2BoENeYDJBkJ%2B1YMGCcYuVD0QfXTyikwU3mJrjHI1hjFhHgklT4fIyqdsMlckTfblj32rxcVPU7nvaAJnRgbVd2Ov6Cwgo39vZP8xAhtZAaycXwwIhwQdT0ZTK5KOq0%2BYeVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 783d57fc595e920d-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 6DB2 287 KB
92 KB 77ms
29ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin: https://www.ncontracts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:29:48 GMT
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2792395
x-cache: Hit from cloudfront
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
etag: W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: B5MTi3EyHnvJYXPtQSekgsNuPhC8nZhJzOOnRiymCZwWr5tmyD8BpQ==

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 5E57 2 KB
1 KB 103ms
24ms Document
text/html 143.204.215.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3254782.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-95.fra53.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.ncontracts.com/customer-login-content
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2723260
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 04:42:02 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-id: PBZ5XEcr3F_XZL2a_Lao-RDZECGd1w3TFMkfuuKtyzO5T-vS1BXLhw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ Frame C170 0
185 B 76ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=253975055922633&ev=PageView&dl=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&rl=https%3A%2F%2Flogin.ncontracts.com%2F&if=true&ts=1672765782602&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672765782600.1424141654&it=1672765782303&coo=false&rqm=GET

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Jan 2023 17:09:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3254782/ Frame C170 148 B
322 B 151ms
50ms XHR
application/json 54.171.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3254782/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.56.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-56-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://www.ncontracts.com/customer-login-content
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 443a879ef0c84ac0ada9eb4b914726a9 Show response
app.hubspot.com/conversations-visitor/83340/threads/utk/ Frame 6DA1 51 KB
19 KB 303ms
255ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/83340/threads/utk/443a879ef0c84ac0ada9eb4b914726a9?uuid=01156e18917e421fb37d96c575c27905&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncontracts.com&inApp53=false&messagesUtk=443a879ef0c84ac0ada9eb4b914726a9&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

213a99dd35634ed35890e50af66e37a890225b0dc6c0c6f8180704f3e528340b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ncontracts.com/customer-login-content
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 783d57fdf8b1bb8b-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14082/html/index.html&cfRay=783d57fdf8b1bb8b&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F83340%2Fthreads%2Futk%2F443a879ef0c84ac0ada9eb4b914726a9%3Fuuid%3D01156e18917e421fb37d96c575c27905%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dncontracts.com%26inApp53%3Dfalse%26messagesUtk%3D443a879ef0c84ac0ada9eb4b914726a9%26url%3Dhttps%253A%252F%252Fwww.ncontracts.com%252Fcustomer-login-content%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue&referrer=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&cfenv=prod&pdt=2023-01-03&csp=ro
content-type: text/html; charset=utf-8
date: Tue, 03 Jan 2023 17:09:42 GMT
etag: W/"66b7a111796bbb22d99a94bb3971bd09"
last-modified: Tue, 03 Jan 2023 04:00:40 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=783d57fdf8b1bb8b&resource=conversations-visitor-ui/static-1.14082/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-amz-cf-id: rsKQqe762-NjK4KUIPfhAkAvohI1YS1jeUPCmliXWtQeKKEWdj5soQ==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: fNaiY2U.dlB1IYGSK8EEljuij6ILHPec
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.14082/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C170 49 KB
20 KB 129ms
36ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 16:27:19 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2543
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 03 Jan 2023 18:27:19 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame C170 147 KB
54 KB 81ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5CWJ9K

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d46d37aa1dd8841e6a79e5ec46e5362f5aaad176ea10f2abee04ab07047cc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55265
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Jan 2023 17:09:42 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ Frame C170 206 B
896 B 215ms
161ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=83340

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd648e38ce96deb37eeecc6e91eb059817d1a43bba99ddfaa1aa89c55cd93e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e57fcc33-7f59-46dd-af42-64cacac63911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B6A3AA2B8F0A5CCF55B5ADDB31397963F5652F5A2000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ncontracts.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BAo8%2B2%2FBe7zIm3j8rv7Y5gcTeeVTloTKU98Ypb%2FZ0nkFkpsPYMkyWDXOCWZWT2pAnDwsl9fYFFeWu7EjEY6QqHU0MakL7PoQaJqB1DBTMA5VsUPe0TDxJrmtrnomFPa0MN%2FbSbuDdqGbQhr"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 783d57fe9d59920d-FRA
access-control-allow-headers: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame C170 4 B
24 B 131ms
57ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1418647652&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&dr=https%3A%2F%2Flogin.ncontracts.com%2F&ul=en-us&de=UTF-8&dt=Ncontracts%20Login%20Page&sd=24-bit&sr=1600x1200&vp=533x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=252956589&gjid=1818448751&cid=1630665767.1672765783&tid=UA-9444305-1&_gid=132745295.1672765783&_r=1&_slc=1&z=1448026766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncontracts.com/customer-login-content
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 17:09:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ncontracts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.245/ Frame 6DA1 44 KB
17 KB 88ms
38ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/83340/threads/utk/443a879ef0c84ac0ada9eb4b914726a9?uuid=01156e18917e421fb37d96c575c27905&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncontracts.com&inApp53=false&messagesUtk=443a879ef0c84ac0ada9eb4b914726a9&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 981009
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
server: cloudflare
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Fa4mDTPPEMjalRJ5lvCT6drJ0jyOP4BGBi1FNJGkZEi%2BV%2Fpa97XCEJff9dOUDMW4DvuQyjhVvwRhVmSLLt9Vq3s8kURjR6R1icY4R80i9hhsabzjXcoR0gYyth2njijfK9k1BLCcij1Z7bIu4yWpJHc0mk%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 783d57fffeec2be6-FRA
x-amz-cf-id: H-JOuJqRChtniFzHDPzFF-xlSFUcDWfIkkpSuPWlJ85xvZg4rPIFzg==
expires: Wed, 03 Jan 2024 17:09:43 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/ Frame 6DA1 20 KB
4 KB 97ms
48ms Stylesheet
text/css 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b7bd1989f03f297ee3eb31e02148f3b00de8752e57edf8820d9e4d6efd223a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
x-amz-version-id: hYgqjzdqx6QyhZH807FkloiLc0TGhAXY
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 981014
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 19:04:10 GMT
server: cloudflare
etag: W/"0e729a3fa047d67852c356071b611db3"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thKVvw0PQMqlHzYNEXroTd5WGB1g4iJBBmJyq0SzpoxHQNvWM3nUM2e0N3jfXr6EdV5Vl1%2BG3VCWNcPAv7Pr9OjQyvaWN7N2nGi8y8owA621OeiAsprwo11QosccrJ%2F0hkab68HR4XewTRbwn8IJPMTPst4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 783d57fffdf02bb6-FRA
x-amz-cf-id: SKnBgZ44LTPKLgU6r1Y2LwG0hOjuYn5A7hpZCPVKdVywKtF8oCpMbA==
expires: Wed, 03 Jan 2024 17:09:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C170 186 KB
67 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1019499669

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cebc067b2a2cc9019610a8849cc758724be635185445d76e7cd1aab1c5aa6d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68895
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Jan 2023 17:09:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C170 186 KB
67 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1019499669&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5CWJ9K

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

357a23682d66085d3c04a73bc0fd58511db1ee788f7718f5c561d8b26a57d948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68902
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Jan 2023 17:09:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame C170 1007 B
650 B 23ms
23ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 03977ba375b0bf22db454b0a7813a24d4a5f7e51cc74bd2b3453a6a2aa3bcb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:42 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2023 15:53:24 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=73390
accept-ranges: bytes
content-length: 482

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.343/ Frame 6DA1 296 KB
94 KB 83ms
39ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.343/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47a77fecf18898c57b3230fec268fb5606d305019f1355bbf83f35f8a0266caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
x-amz-version-id: hQDI4P9xHpD4BOS0BZEWR1UpG43hOSbP
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
age: 594498
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Dec 2022 15:44:11 GMT
server: cloudflare
etag: W/"fdb4277aeb69e6c56e6e78d943aec81e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMBrEposIUFTEV3iMUjYMccpsSjjKgU3ZCeO5l5vsaTFoumLdLrYNLBClOFDTpAR2X6Zg719wILS%2Bnzm4fmcPhYEF90zD8LXz3xaJe9mxJVXJcJUtfF1Cz3xkerR94mCY5rfhL7%2FQsY5OaRlIMl55ljnffc%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 783d57fffeed2be6-FRA
x-amz-cf-id: OyVTVvx014klv3NfkJA80cmoIV4f3kf-bsUto1q2gM7fBWk27E3Odw==
expires: Wed, 03 Jan 2024 17:09:43 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14082/bundles/ Frame 6DA1 586 KB
172 KB 90ms
47ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14082/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059b2a54ace784800b518565668b7581090cc7fdc3732d8da24970b870b0d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
x-amz-version-id: KiViXdTQPYMikQjz5MLCic2lONCdsmcV
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 4135
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 15:47:07 GMT
server: cloudflare
etag: W/"85fe1fec6dffcd16ae9a97ac40fcb8ff"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmpVKLiRUe%2FnRZX%2F1rpeuqYYToJF6MlYl6cF54D8MBNHYFZbGDV1TRi3flsYrmT83%2BcgE1PQF9xDkAJ%2F2ygBHwMg1%2Br5hJ9Emq5YCTptPnJ8kP9AjmwV5Py0%2FFmSakane8rkPiiz0xogoms%2BCqbTHHCo7Rc%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 783d57fffef22be6-FRA
x-amz-cf-id: -1hT0PS1Bfa0zK1iRyuk6YOrAgsQm30lt_NebiyHExqrimv-qwCobQ==
expires: Wed, 03 Jan 2024 17:09:43 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame C170 13 KB
5 KB 23ms
23ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3fe29b8c78990a7b9438b55099db5603e79ad1438a8c3efab09cedf8eb415b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
content-encoding: gzip
last-modified: Sun, 01 Jan 2023 17:38:29 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74141
accept-ranges: bytes
content-length: 4773

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame C170 4 B
444 B 87ms
29ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-9444305-1&cid=1630665767.1672765783&jid=252956589&gjid=1818448751&_gid=132745295.1672765783&_u=IEBAAEAAAAAAACAAI~&z=103545035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncontracts.com/customer-login-content
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 03 Jan 2023 17:09:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ncontracts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019499669/ Frame C170 2 KB
1 KB 180ms
85ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019499669/?random=1672765783057&cv=11&fst=1672765783057&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&ref=https%3A%2F%2Flogin.ncontracts.com%2F&tiba=Ncontracts%20Login%20Page&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1806370370.1672765783&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1019499669

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b640a52d29fdef57a1c6112972d8ab6fe0fd3f4e14f3fecac6858d0d892861c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 17:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 898
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame C170 0
18 B 47ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=253975055922633&ev=Microdata&dl=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&rl=https%3A%2F%2Flogin.ncontracts.com%2F&if=true&ts=1672765783104&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ncontracts%20Login%20Page%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22Ncontracts%20Login%20Page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672765782600.1424141654&it=1672765782303&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Jan 2023 17:09:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 ga-audiences
www.google.com/ads/ Frame C170 42 B
501 B 99ms
49ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9444305-1&cid=1630665767.1672765783&jid=252956589&_u=IEBAAEAAAAAAACAAI~&z=1465580921

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 17:09:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame C170 42 B
501 B 98ms
47ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9444305-1&cid=1630665767.1672765783&jid=252956589&_u=IEBAAEAAAAAAACAAI~&z=1465580921

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 17:09:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13999/ Frame 6DA1 776 B
1 KB 63ms
37ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13999/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14082/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df64d64810052218d1c083e1bcf45e4fae2f972879a0928b81b8bfe4fd8c27d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
x-amz-version-id: H95IoIXm8BglMNCwpDfkD_PTva4.Qjnp
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 1805427
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 22:36:55 GMT
server: cloudflare
etag: W/"ffc83dec8d5478899f21f43c06da8205"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEqd3YnH6mmYdj9hRlXYZ0QDpC%2F6lhyPeHcBxyYR%2FWrrCybd%2BNMIeH9Ig2cUWq%2BUQMVNLeQbuWL0FAfz8xZIXdw70DV0r6oqn0%2B1%2B7klF%2FREtzUmvr6alNaeEBMjUdyQ5KsIifL4mxNlV1QcOYZ8uNjpCZY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 783d580138fa8fd4-FRA
x-amz-cf-id: te_xDV2G8V-vBQJwNLjwhAUKXayEvWaS1mfgscQwv9grWBTG6hy29w==
expires: Wed, 03 Jan 2024 17:09:43 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1019499669/ Frame C170 42 B
64 B 86ms
35ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1019499669/?random=1672765783057&cv=11&fst=1672765200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&ref=https%3A%2F%2Flogin.ncontracts.com%2F&tiba=Ncontracts%20Login%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2105949377&rmt_tld=0&ipr=y

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 17:09:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1019499669/ Frame C170 42 B
64 B 97ms
48ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1019499669/?random=1672765783057&cv=11&fst=1672765200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&ref=https%3A%2F%2Flogin.ncontracts.com%2F&tiba=Ncontracts%20Login%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2105949377&rmt_tld=1&ipr=y

Requested by

Host: www.ncontracts.com
URL: https://www.ncontracts.com/customer-login-content

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 17:09:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 6DA1 0
1 KB 303ms
276ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14082

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14082/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/83340/threads/utk/443a879ef0c84ac0ada9eb4b914726a9?uuid=01156e18917e421fb37d96c575c27905&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncontracts.com&inApp53=false&messagesUtk=443a879ef0c84ac0ada9eb4b914726a9&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 036bffe4-0966-4462-980e-2590b5217d5e
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BELMig8UGaSh2su0dlrFlY8ypRU0uO%2Fijb5Ocu63KIDjR0wvme8kwW8No0%2F6crDsW9kMx3Hrvr5rvEjNA72LAJnQycOZ6Jw9I4thOuZxuQAnzIxG%2FDFbjql9UcTvsXTLwu7r2q0CKwcRzUU4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 783d580259309237-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H3 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1811215/ Frame 6DA1 973 B
1 KB 294ms
272ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1811215/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14082&conversations-visitor-ui=static-1.14082&traceId=443a879ef0c84ac0ada9eb4b914726a9&sessionId=AMOaWbIAYLQhXKR5QA0AIhqFNm30iZpNmRYmXWWX14wu6d1tumcPWF-Kgqzu9QY_ICnEyJu4668Q50QZDWWxyObmhsewYx7pCj6_UabOeBUxdREg3KtZt_nI8bA5jSYOuDSw3lCD8kbIeNaTbgYG-BA3gb49n5nZEQWdxtYwiZ8SBdkGsHsXgUw

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37253385214529ed5414d04e200351c9df358c92668980fa24a2e140e42092f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/83340/threads/utk/443a879ef0c84ac0ada9eb4b914726a9?uuid=01156e18917e421fb37d96c575c27905&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncontracts.com&inApp53=false&messagesUtk=443a879ef0c84ac0ada9eb4b914726a9&url=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 83d5967a-c91a-4846-8367-351a2ab89275
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B03FAB524E40E3B29C21FE5FFDA08032F55AB60C5000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOFrua6uHekAC2M7skoUTwsrnewUYzRVbFIvcNMBNKfl3iGLFrwJJvHgseVhYv%2BQm4Sr7%2BjWfDi5FkgAtiSOYt3ODeWCIdZPLOAkhldhsBSZTghpaLVKBicdFkRCFahM30CqL6WAH19MJaX3%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 783d5802592e9237-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame C170 45 B
533 B 188ms
188ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=83340&pi=35617585028&ct=landing-page&ccu=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&cpi=35617585028&lpi=35617585028&lvi=35617585028&lvc=en&r=https%3A%2F%2Flogin.ncontracts.com%2F&pu=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&t=Ncontracts+Login+Page&cts=1672765783357&vi=e20ccbb0cea4d9406a04827a65f82fa0&nc=true&u=45549371.e20ccbb0cea4d9406a04827a65f82fa0.1672765783353.1672765783353.1672765783353.1&b=45549371.1.1672765783353&pt=0&cc=15

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/auth/login?referrer=b8a966ff-ba2d-4302-bbe4-08290a0e11f4&ReturnUrl=%2fDashboard%2fpublic%2findex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d9512d69-c744-4c19-a60b-a503b2c49575
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hs6Wor9TTNUxDqT9mRCSB%2BC7scfD1mGNzRtoKSU93UiMMSaXUYWbcvCeZ41pjtn4CfDZ9O371Rh7LmDCwq8FgIfOi3Uj79%2F307q9FnCyA%2B6igMjFekI8JQiY82Yh9ncfWSsBzwoMqCGhtRwyYoV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 783d5802099abb8b-FRA
x-robots-tag: none

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ Frame C170 0
213 B 189ms
46ms XHR
text/plain 34.242.58.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5e4c5ea266850900080004dc&sAW=1600&sAH=1200&bIW=533&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=42&cE=91&dLE=42&dLS=1&fS=0&hS=63&rE=-1&rS=-1&reS=91&resS=1266&resE=1269&uEE=-1&uES=-1&dL=1271&dI=2280&dCLES=2281&dCLEE=2293&dC=3187&lES=3187&lEE=3201&s=nt&title=Ncontracts%20Login%20Page&path=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content&ref=https%3A%2F%2Flogin.ncontracts.com%2F&sId=madv0ora&sST=1672765783&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5e4c5ea266850900080004dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.58.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-58-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 03 Jan 2023 17:09:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ Frame C170 254 B
1 KB 268ms
208ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=83340&utk=e20ccbb0cea4d9406a04827a65f82fa0&__hstc=45549371.e20ccbb0cea4d9406a04827a65f82fa0.1672765783353.1672765783353.1672765783353.1&__hssc=45549371.1.1672765783353&referrer=https%3A%2F%2Flogin.ncontracts.com%2F&contentId=35617585028&currentUrl=https%3A%2F%2Fwww.ncontracts.com%2Fcustomer-login-content

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b3d44e13f252a4407fe9283951714cef49dd16ffc42daf39cc3a01dce11932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncontracts.com/customer-login-content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:09:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ebcd6a7a-7c47-4641-9abe-243e5b74d937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ncontracts.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpP7R%2BOmR%2FkL6OMpci0MYxEdfphAjxHufCApZx94drlDMqd0uzJjVU9u0pky2x%2B1lBwabb7o%2Be9lljRmZmveUqww%2BMVrr10VzacC483q%2BzqKHcU29XHcJQVcfFve2KUDRDOACJq%2BgdBzqLMzsBZ3"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 783d5802cc9b90e8-FRA

POST
H/1.1 200
OK rb_bf76460olz Show response
login.ncontracts.com/ 123 B
1 KB 166ms
165ms XHR
text/plain 52.189.64.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.ncontracts.com
URL: https://login.ncontracts.com/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.189.64.195 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Apache 2.0.59 Commodore C64

Resource Hash

4c1684e6209c0a79fbf7fefd5d5dfc4e40f7c150ff8a048d3bce346bdc18b0bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.ncontracts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 03 Jan 2023 17:09:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: Nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors https://ncontracts.com https://*.ncontracts.com http://ncontracts.com http://*.ncontracts.com https://fullstory.com https://*.fullstory.com http://fullstory.com http://*.fullstory.com https://bancintranets.com https://*.bancintranets.com https://*.questsoft.com https://*.complianceeagle.com
X-Powered-By: Apache 2.0.59 Commodore C64
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store
Feature-Policy: self
X-Robots-Tag: noindex

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ncontracts.com/	1970-01-20 18:15:25	Name: rxVisitor Value: 16727657797965HTGVGHK7H9PI5CM9NGG0AR2IHN0V114
.ncontracts.com/	1969-12-31 23:59:59	Name: dtLatC Value: 381
.ncontracts.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.ncontracts.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_15_sn_BF197522169DAD75C9414FF59C1706AE_perc_100000_ol_0_mul_1_app-3A01ff57afec3ccf4c_1_app-3Ac3f4b3b9a73eca17_1_app-3A1b4bbe8313933a77_1_rcs-3Acss_0
.www.ncontracts.com/	1970-01-20 08:39:27	Name: __cf_bm Value: OVKHlIFoo6rA2so4S3rLWxP2EuuGKCIXRbtPZg.alrY-1672765781-0-AQ/FFojcLP5Wvc7I4IeuiyS1Slh5dgL9DM5KGHuquwFuw43mBKS2JPrSiyvflnmgyskdRvNirK8XSeBnYCDeH2A=
.www.ncontracts.com/	1969-12-31 23:59:59	Name: __cfruid Value: e08c8c513add76dce3246ec1bfba2598c56df5d2-1672765781
tracking.g2crowd.com/	1970-01-20 08:59:35	Name: _session_id Value: 8694acb1f9dfff3aa431c768896860dd
.g2crowd.com/	1970-01-20 08:39:27	Name: __cf_bm Value: FJ3MziHPNOJVGUzBYS8GiKB0oJ9W.sio9aFWv0Ogaao-1672765782-0-AcRrpgrXwVoyURLf+TZc8ngulmuHk3qqFJ1Mdhgvj54geXwGwc9DntwNwD1HIaAPNccy38JsYilFoTdh18IuTiY=
.ws.zoominfo.com/	1970-01-20 17:25:01	Name: visitorId Value: 2c89381d4818a387d85c417c47760ebdccb328f2250e12a8fba780531f4d00c9
.zoominfo.com/	1970-01-20 08:39:27	Name: __cf_bm Value: NnCIlrzvUI.7vGSY644MwZYb.zYY.eZQ3Z_s7vcswLA-1672765782-0-AYl4lFhB+l/lN2GwtMwvtoK+dBd09IONnQqkUsXUo9HJOMwV7/Swo5PgXy9nZfqBKfpxRG24VO9CKyj5viVZdkE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: PdIaH6Yh7qIp1nOU19uUko0xQbqh0JjwQDajwCzALpc-1672765782291-0-604800000
www.ncontracts.com/	1970-01-20 08:40:52	Name: ln_or Value: eyIxNjQwODMzIjoiZCJ9
.linkedin.com/	1970-01-20 09:22:37	Name: UserMatchHistory Value: AQKJS46rVb_ywAAAAYV4nDm-Wal3LGnBnwdtR-58sKeN8PHkzx7RQR5ZJ7jKNz8YXQ6in6N-HqLpIQ
.linkedin.com/	1970-01-20 09:22:37	Name: AnalyticsSyncHistory Value: AQIQlyJHHLwFMQAAAYV4nDm-89ZIU8skkJiaNMg3z8uH3fV2mYCqnHDrXXeGSnAa_jroHGFXX-mj9ks7Et3BSg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:25:01	Name: bcookie Value: "v=2&fe0b852b-5c8a-479c-8ef7-962205e95170"
.linkedin.com/	1970-01-20 08:40:52	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2439:u=1:x=1:i=1672765782:t=1672852182:v=2:sig=AQGWC3mGLRzrTObo3iihcRpbrUG4Nw0S"
.ncontracts.com/	1970-01-20 10:49:01	Name: _fbp Value: fb.1.1672765782600.1424141654
.ncontracts.com/	1970-01-20 17:25:01	Name: _hjSessionUser_3254782 Value: eyJpZCI6ImE5MTg3ZDQ3LWU4YTQtNWY1Ny1iNGUyLTgwMTYyZDVjNjQwYiIsImNyZWF0ZWQiOjE2NzI3NjU3ODIzNTYsImV4aXN0aW5nIjpmYWxzZX0=
.ncontracts.com/	1970-01-20 08:39:27	Name: _hjFirstSeen Value: 1
www.ncontracts.com/	1970-01-20 08:39:25	Name: _hjIncludedInSessionSample Value: 0
.ncontracts.com/	1970-01-20 08:39:27	Name: _hjSession_3254782 Value: eyJpZCI6ImU1YWZlNTFkLWFlMWEtNDc5OC1iOTlkLWRiYTE4YjI1Njg3MiIsImNyZWF0ZWQiOjE2NzI3NjU3ODI2MTEsImluU2FtcGxlIjpmYWxzZX0=
www.ncontracts.com/	1970-01-20 08:39:25	Name: _hjIncludedInPageviewSample Value: 1
.ncontracts.com/	1970-01-20 08:39:27	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:25:01	Name: bscookie Value: "v=1&2023010317094209afff9c-e502-4667-8b9c-3ea404949df5AQHOeKuqLWWzV3AyS0M7EnWQHVgtap6e"
.linkedin.com/	1970-01-20 12:58:37	Name: li_gc Value: MTswOzE2NzI3NjU3ODI7MjswMjGU3oiPiFr/KXZgXctboQmtFGqi1bmUGEPSQ2BOwpocSA==
.ncontracts.com/	1970-01-20 18:15:25	Name: _ga Value: GA1.2.1630665767.1672765783
.ncontracts.com/	1970-01-20 08:40:52	Name: _gid Value: GA1.2.132745295.1672765783
.ncontracts.com/	1970-01-20 08:39:25	Name: _gat Value: 1
.hubspot.com/	1970-01-20 08:39:27	Name: __cf_bm Value: ucjobq23mk8IDZerKVYMsV8MWgydV29bytV5lZO2jW8-1672765782-0-AWTWohAUc6ECXxMyFWeUbx7Z0qheWwjSnHAfv31WYqnUlsFA7znp74Y0GKMOoKzPsbteSNwFCe8El8A9khjdzKE=
.ncontracts.com/	1970-01-20 10:49:01	Name: _gcl_au Value: 1.1.1806370370.1672765783
.doubleclick.net/	1970-01-20 08:39:26	Name: test_cookie Value: CheckForPermission
.ncontracts.com/	1970-01-20 12:58:37	Name: messagesUtk Value: 443a879ef0c84ac0ada9eb4b914726a9
.ncontracts.com/	1970-01-20 12:58:37	Name: __hstc Value: 45549371.e20ccbb0cea4d9406a04827a65f82fa0.1672765783353.1672765783353.1672765783353.1
.ncontracts.com/	1970-01-20 12:58:37	Name: hubspotutk Value: e20ccbb0cea4d9406a04827a65f82fa0
.ncontracts.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.ncontracts.com/	1970-01-20 08:39:27	Name: __hssc Value: 45549371.1.1672765783353
.ncontracts.com/	1969-12-31 23:59:59	Name: rxvt Value: 1672767583364\|1672765779798
.ncontracts.com/	1969-12-31 23:59:59	Name: dtPC Value: 15$565779794_106h-vHCCPKAISNFAUNWKUMLHFLQFMPPGJHPAK-0e0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'self'.
network	error	URL: https://auth.ncontracts.com/logout Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://settings.luckyorange.com/47aa9f76 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://ncontracts.com https://.ncontracts.com http://ncontracts.com http://.ncontracts.com https://fullstory.com https://.fullstory.com http://fullstory.com http://.fullstory.com https://bancintranets.com https://.bancintranets.com https://.questsoft.com https://*.complianceeagle.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	Nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

83340.fs1.hubspotusercontent-na1.net
api.hubapi.com
app.hubspot.com
app.ncontracts.com
auth.ncontracts.com
cdn.linkedin.oribi.io
cdn2.hubspot.net
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
ka-f.fontawesome.com
kit.fontawesome.com
login.ncontracts.com
ncontracts-cdn.ncontracts.com
okt.to
px.ads.linkedin.com
px4.ads.linkedin.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
script.hotjar.com
settings.luckyorange.com
settings.luckyorange.net
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
static.oktopost.com
stats.g.doubleclick.net
tools.luckyorange.com
track.hubspot.com
tracking.g2crowd.com
use.fontawesome.com
vars.hotjar.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.ncontracts.com
104.26.11.16
13.107.42.14
13.32.27.54
13.32.27.7
143.204.214.192
143.204.215.95
23.22.90.252
2600:9000:2057:1e00:18:6c16:27c0:93a1
2600:9000:206f:0:2:53b2:240:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2c40::c73c:671c
2606:4700:10::6816:3668
2606:4700:4400::6812:2128
2606:4700:4400::ac40:9a55
2606:4700::6810:650c
2606:4700::6811:43b0
2606:4700::6811:5d2
2606:4700::6811:74b0
2606:4700::6811:b949
2606:4700::6811:cbcc
2606:4700::6811:d6cc
2606:4700::6811:eacc
2606:4700::6811:eecc
2606:4700::6811:f1cc
2606:4700::6812:1634
2606:4700::6812:1e49
2606:4700::6813:9b53
2606:4700:e2::ac40:840f
2606:4700:e4::ac40:a816
2620:1ec:21::14
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0b::9d
2a00:1450:400d:805::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::200e
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.107.203.234
34.242.58.23
52.189.64.195
54.171.56.153
65.9.66.126
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
03977ba375b0bf22db454b0a7813a24d4a5f7e51cc74bd2b3453a6a2aa3bcb23
059b2a54ace784800b518565668b7581090cc7fdc3732d8da24970b870b0d474
05da620e7bac78cd141e1a7f7005bf9e1eaf93837514ff265d5efd9fdda7ee11
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
11cf7ac99ec50b2233db060316c4ce6413571b130de0b4a501c12653e8c62ff8
131cac7876b19d02347ebb732228565b819f3d4468242cb5a512fc79a7c4b663
19a94eaca1c45c738d3e4903c37745ef50af48e0c3fede3f11b1a45f20eefe53
213a99dd35634ed35890e50af66e37a890225b0dc6c0c6f8180704f3e528340b
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
357a23682d66085d3c04a73bc0fd58511db1ee788f7718f5c561d8b26a57d948
37253385214529ed5414d04e200351c9df358c92668980fa24a2e140e42092f9
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3b93a2e684628e81e920529075f03e125c09df10f71446f81a6b8390e1b8bfe1
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3ec8e941fd9c4cc9196f771e1f1521c99b50f45cd35df95ae3fc9bb455653aa1
3fe29b8c78990a7b9438b55099db5603e79ad1438a8c3efab09cedf8eb415b66
44ba5d1a4a7949b7c87c8365121ff8b9961a81b82daccf7a7424b211091f21e8
47a77fecf18898c57b3230fec268fb5606d305019f1355bbf83f35f8a0266caa
4c1684e6209c0a79fbf7fefd5d5dfc4e40f7c150ff8a048d3bce346bdc18b0bb
4c7954754ee5cde5d9c8ba7781b4a0f4427ca8fa7c1d54123c3a16320a653aa6
4ce69fabe20033c2de82b3a2fd1ea8b7b6cfb92541b21260523fcf1cb08cadb6
53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022
602830dab5a2a34657d51ead63e871a0aa0929336dc83ba823fec73815874ec9
6316a4374bb7214efc3e9381f4f3765093e486b19917e460025c3735e61209c9
6b7bd1989f03f297ee3eb31e02148f3b00de8752e57edf8820d9e4d6efd223a5
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6d46d37aa1dd8841e6a79e5ec46e5362f5aaad176ea10f2abee04ab07047cc34
6d47438acddd9d2f2340ea5ee9197a1fc5bf6a35b2b39b1c1b5a5bcf511e386a
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7542229c6dac8f51fdb4da106b4ea33d345b7fe6304cf92d37323a79efe87df0
75543b4a76f194cda98ca78c7eb3da1ab07e078938690f8643cbb998d5187408
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e6f262c6b4a18b35f7ea7bc4c07e205a378b44fd86324a03444e642a3fa05b2
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8423b7207fcde819e316156a718544921ea09d7a5864bcc3887260a74514ea79
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88b3795f97ee469c9e30430b54d35c11cdf28c96e3e71d0122e37e6bf025c0b8
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8dd69c5677dc2817f1975f4f1d97f0883c62002c66d622880684acdebdfbb6d3
90c251bb0d6ac5249279f6e388dd65e6bf87f338c6745ac245feed471d3e2f75
9293649926b2fefcc745d0745f7069515068d051a0e5da1a8af0099fcbc2a285
a74a3403ba582ac59892878f4de06d247b45b05c609fe77b60896c631424e4d6
aa078ce1dbb919f5f1127ce3195096b426ad3119a14f26361322e030a3bf8be9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b640a52d29fdef57a1c6112972d8ab6fe0fd3f4e14f3fecac6858d0d892861c2
b8e0bd6f3021979ccacae0b5eb7a4214b375e60441874ae11e1d35e575151285
bc7b03745f761929af869c573481e525e7ba55dd53efc6e3dba9c498fe6d65c4
c1b3d44e13f252a4407fe9283951714cef49dd16ffc42daf39cc3a01dce11932
c203b1a0c1cca806d24138af7fc60cc15b791603c5eac80879531de5a20849b9
cb63139d2e4e99400e3acba385f7e10fa977659f9deb784af04b0cc5e3875a2a
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd648e38ce96deb37eeecc6e91eb059817d1a43bba99ddfaa1aa89c55cd93e85
cebc067b2a2cc9019610a8849cc758724be635185445d76e7cd1aab1c5aa6d20
d2b995a6e1ba25e7f309c10c3b83cdaa050854a37f0c7704ba68d83c30a17ff0
d9b44d638fb6525e7083d11833191b3b0caeaf8963ac8f0750a6335df1c1256b
da34f6296bcad0af467d8776d377de8dabe85d985dcf5a11507a4439d6bbb571
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df64d64810052218d1c083e1bcf45e4fae2f972879a0928b81b8bfe4fd8c27d1
dfe0987f2c66b23e1ee0a0a58c6acfd2a82b50b30f94d4c25b1d31cb36fad107
e222eca142f632919a27690d88ec6f73f98d4bea48c046c17d19a7b129c58429
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fa895719671f50136115e5a8ac3773e46a820cebce1876a5dcb1fa2f095fe8
eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170
ecfb45ec15963a82bd3b4858017f1bd0b4229995a9709f7d8f692457bb16898d
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04fcb0932b99d355532ecdad3ff051e3c503b176dc1176dddc017e7f1523516
f1b0edf2697a7e316f3032179ab8797e80d01ec950b2d3d636438defd1df5df8
f21f90f0f1de1219b6d20c6133ea5f442bb68a18f8a81b055e33df1880ab4b28
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

login.ncontracts.com Open in urlscan Pro 52.189.64.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

74 %IPv6

35 Domains

51 Subdomains

45 IPs

4 Countries

2099 kBTransfer

6336 kBSize

40 Cookies

0 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.ncontracts.com Open in urlscan Pro
52.189.64.195 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

74 %
IPv6

35
Domains

51
Subdomains

45
IPs

4
Countries

2099 kB
Transfer

6336 kB
Size

40
Cookies

94 HTTP transactions
0 data transactions