urlscan.io logo urlscan.io
SecurityTrails logo

act.myngp.com Open in urlscan Pro
45.60.153.95  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://act.myngp.com/el/wKjYhqg4G40k8VQguzucluNf-F5ZKEN-wNeaZ2_MrUo=/E-wflXdh_UirwjG8vTR-B48cFm0IHy42ozYtM6ChxKw=
Effective URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Submission: On June 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 36 HTTP transactions. The main IP is 45.60.153.95, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is act.myngp.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 1st 2017. Valid for: 2 years.
This is the only time act.myngp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 45.60.153.95 19551 (INCAPSULA)
7 52.222.149.158 16509 (AMAZON-02)
1 152.199.19.160 15133 (EDGECAST)
2 172.217.18.168 15169 (GOOGLE)
1 9 172.217.18.174 15169 (GOOGLE)
3 173.194.76.156 15169 (GOOGLE)
1 216.58.208.40 15169 (GOOGLE)
2 40.114.13.25 8075 (MICROSOFT...)
1 52.216.229.131 16509 (AMAZON-02)
1 52.222.149.241 16509 (AMAZON-02)
2 40.114.241.141 8075 (MICROSOFT...)
36 12
9    45.60.153.95 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
act.myngp.com
fastaction.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
7    52.222.149.158 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-158.fra53.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
1    152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
2    172.217.18.168 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f8.1e100.net
www.googletagmanager.com
9    172.217.18.174 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f14.1e100.net
www.google-analytics.com
3    173.194.76.156 (Portage, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
1    216.58.208.40 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f8.1e100.net
ssl.google-analytics.com
2    40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
profile.ngpvan.com
1    52.216.229.131 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com
formdefs.s3.amazonaws.com
1    52.222.149.241 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-241.fra53.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
2    40.114.241.141 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
dc.services.visualstudio.com
Domain Requested by
9 www.google-analytics.com 1 redirects www.googletagmanager.com
act.myngp.com
8 d1aqhv4sn5kxtx.cloudfront.net act.myngp.com
d1aqhv4sn5kxtx.cloudfront.net
www.googletagmanager.com
www.google-analytics.com
6 act.myngp.com 1 redirects act.myngp.com
3 stats.g.doubleclick.net act.myngp.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net
az416426.vo.msecnd.net
2 www.googletagmanager.com act.myngp.com
d1aqhv4sn5kxtx.cloudfront.net
1 secure.ngpvan.com az416426.vo.msecnd.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net
1 formdefs.s3.amazonaws.com az416426.vo.msecnd.net
1 ssl.google-analytics.com act.myngp.com
1 az416426.vo.msecnd.net act.myngp.com
36 13

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
www.ngpvan.com
heathersteans.com
Subject Issuer Validity Valid
act.myngp.com
Go Daddy Secure Certificate Authority - G2		 2017-11-01 -
2019-12-15		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Frame ID: 5910D568EDABD33F27091157BB326E26
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://act.myngp.com/el/wKjYhqg4G40k8VQguzucluNf-F5ZKEN-wNeaZ2_MrUo=/E-wflXdh_UirwjG8vTR-B48cFm0I... HTTP 302
    https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A== Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

36
Requests

14 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

629 kB
Transfer

1687 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://act.myngp.com/el/wKjYhqg4G40k8VQguzucluNf-F5ZKEN-wNeaZ2_MrUo=/E-wflXdh_UirwjG8vTR-B48cFm0IHy42ozYtM6ChxKw= HTTP 302
    https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=367773889&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=EventForm&ea=Form%20Load&el=Oberon&ev=17&_utma=101563537.638220324.1528732296.1528732296.1528732296.1&_utmz=101563537.1528732296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1528732296463&_u=aGHCAEAB~&jid=1613181547&gjid=1094726996&cid=638220324.1528732296&tid=UA-28243511-20&_gid=1816846971.1528732296&_r=1&gtm=G645L2FSL&cd6=-7696667586961799168&z=1072396814 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=638220324.1528732296&jid=1613181547&_gid=1816846971.1528732296&gjid=1094726996&_v=j68&z=1072396814

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set -7696667586961799168
act.myngp.com/Forms/
Redirect Chain
  • https://act.myngp.com/el/wKjYhqg4G40k8VQguzucluNf-F5ZKEN-wNeaZ2_MrUo=/E-wflXdh_UirwjG8vTR-B48cFm0IHy42ozYtM6ChxKw=
  • https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
427d17723af0e5e69dcd3c1b06e2d2abfb967a8e143cad229cd3444f474fa9f0

Request headers

Host
act.myngp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
BIGipServerpool_ob_act_myngp_com=!Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=; visid_incap_364709=NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C; incap_ses_474_364709=bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5910D568EDABD33F27091157BB326E26

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=dt4nbflwsypphirw0tv1dmnn; path=/; HttpOnly
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Date
Mon, 11 Jun 2018 15:51:34 GMT
X-Iinfo
4-1127548-1127549 SNNN RT(1528732293792 467) q(0 0 0 -1) r(2 2) U2
X-CDN
Incapsula
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Date
Mon, 11 Jun 2018 15:51:34 GMT
Content-Length
196
Set-Cookie
BIGipServerpool_ob_act_myngp_com=!Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=; path=/ visid_incap_364709=NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C; expires=Tue, 11 Jun 2019 13:27:43 GMT; path=/; Domain=.myngp.com incap_ses_474_364709=bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==; path=/; Domain=.myngp.com
X-Iinfo
4-1127548-1127549 NNNN CT(88 202 0) RT(1528732293792 31) q(0 0 3 0) r(4 4) U11
X-CDN
Incapsula
at.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		781 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
718f8929606fd753a1283031b33a49df79ac73addb6e568729c210d888ae62e6

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 06 Jun 2018 20:39:42 GMT
Content-Encoding
gzip
Age
69061
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
230697
Access-Control-Allow-Origin
*
Last-Modified
Wed, 06 Jun 2018 20:38:14 GMT
Server
AmazonS3
ETag
"0e262b69d9d5edd9a9c5711f17c2a398"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
axIuAeI_inkoVrYaI_qXxA9x_At0OGgRAn4WopAbIcbkSFqyB9kVyQ==
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
ad3f9f8e584be3f18ce75a18089e3a7e374933c5666bde1ecc4ce3d095e33f44

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 11 Jun 2018 15:51:35 GMT
content-encoding
gzip
content-md5
20pRSc5zTKZ0Mcs2OWIdJw==
x-cache
HIT
status
200
content-length
21607
x-ms-lease-status
unlocked
last-modified
Wed, 06 Jun 2018 22:11:49 GMT
server
ECAcc (frc/8FA5)
etag
0x8D5CBFA80254B22
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4cde69b7-f01e-00ed-2e9b-01ed60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=600
x-ms-version
2009-09-19
gtm.js
www.googletagmanager.com/ 		90 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN78RH
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.168 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
5b8bb100822e356271798ff9da653b40b6416116255ffd2895f0c6a4d5e6529e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 11 Jun 2018 15:51:35 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
26077
x-xss-protection
1; mode=block
expires
Mon, 11 Jun 2018 15:51:35 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN78RH
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3328
date
Mon, 11 Jun 2018 14:56:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Mon, 11 Jun 2018 16:56:07 GMT
collect
www.google-analytics.com/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=367773889&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=1629691169&gjid=2078335266&cid=638220324.1528732296&tid=UA-28243511-13&_gid=1816846971.1528732296&_r=1&gtm=G64WN78RH&z=1982331560
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jun 2018 15:51:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=367773889&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAAB~&jid=425788672&gjid=25647160&cid=638220324.1528732296&tid=UA-28243511-5&_gid=1816846971.1528732296&gtm=G64WN78RH&cd1=ACCOUNT%20ADMIN&cd2=Steans%2C%20Heather&z=2038348449
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 10:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
537441
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-28243511-5&cid=638220324.1528732296&jid=425788672&gjid=25647160&_gid=1816846971.1528732296&_u=YGDAgAAB~&z=1589892371
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
173.194.76.156 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jun 2018 15:51:35 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
216.58.208.40 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
1254
date
Mon, 11 Jun 2018 15:30:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Mon, 11 Jun 2018 17:30:41 GMT
_Incapsula_Resource
act.myngp.com/ 		107 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.myngp.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1841606616
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
3720b0d0e6616d9461cbffb147af9af0161e8f0d5f413d70b86746d2dec56ba2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Cookie
BIGipServerpool_ob_act_myngp_com=!Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=; visid_incap_364709=NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C; incap_ses_474_364709=bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==; ASP.NET_SessionId=dt4nbflwsypphirw0tv1dmnn; ai_user=uQIJo|2018-06-11T15:51:35.518Z; _ga=GA1.3.638220324.1528732296; _gid=GA1.3.1816846971.1528732296; _gat_UA-28243511-13=1; _dc_gtm_UA-28243511-5=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache
Content-Length
15765
Content-Type
application/javascript
ngpvan-logo-16.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/ngpvan-logo-16.png
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 24 Nov 2017 05:08:56 GMT
Via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
Last-Modified
Thu, 28 Aug 2014 21:19:38 GMT
Server
AmazonS3
Age
17232160
ETag
"3d6f9aab1e809b87c195e78264cb01f8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public,max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
617
X-Amz-Cf-Id
kilEpYmRJNzDYaeex9PHKqRJKf1Mn7JHgtZeQBK16juNvwuJmFC9vQ==
_Incapsula_Resource
act.myngp.com/ 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.myngp.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6149117844459466
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Cookie
BIGipServerpool_ob_act_myngp_com=!Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=; visid_incap_364709=NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C; incap_ses_474_364709=bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==; ASP.NET_SessionId=dt4nbflwsypphirw0tv1dmnn; ai_user=uQIJo|2018-06-11T15:51:35.518Z; _ga=GA1.3.638220324.1528732296; _gid=GA1.3.1816846971.1528732296; _gat_UA-28243511-13=1; _dc_gtm_UA-28243511-5=1; __utma=101563537.638220324.1528732296.1528732296.1528732296.1; __utmb=101563537.0.10.1528732296; __utmc=101563537; __utmz=101563537.1528732296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=101563537.|1=Tenant=Steans%2C%20Heather=1; ___utmvc=NbzRoLcYtVhrOCQBC07wPLaeZBrzOhd64fSPqm/OLi0cADPi6QwsWxNAnWLDf3SrwwY59gCn03Ow+HAZUM36KYQtfqdO6utjivtIXWKncCc1L5W6a2+BSZBkyw3FJZDF9TJp3wupe6zHlTSdrM2Yv68+06ET87yrF0vkU8Ijiz4Pu4SOqB5/4QQ7Xc0SYVDSibJSXnb7YT2N2hKIhgWp7AgBhpEoN8gMYBeutwoPC3ZZDPWIKz1FmEo5lxf3xcSS7cGvB0om8Q3v+N4r8mCvfqxVrVb8ACZ8qcybbjvIaqqUxzkyPKPmMLdvvKwY3Bt2qe6bWa2EVjH9KIXrfDhbJmnW5OD9/L+D10tQnNMOpBZaXsTnyREh0XVUqsQNP6EsmIzryAaHgE0xe7a9zZq3CzQ2/0X+Hk9wt5YkwP86pnkokzHOz/0B1w2ydKC2ZgVitzPArV2U1mz/mhA0IZyLVU0HfIK2M8YXI+cJNi0qFczI36cW5uCsbiKEI4k5bcWQZrrzxKVmLswl5WdlLqY7RLxMiv3ik2L4ZAuhVLNhL+W2KRztBLCxCcL2gO4A9CRAEijYt+ZFzE+TPe3fu04IS/3j03PWeD40g7N83zHorxhHR/xHBwJthUUqlurnyqoOhIY05KdAejlK8xSMPrtQX1fCjSX8qOneXpfC4NLWBpxBPVybWU10seFhLf3mCvFBfXN0POuGF+GURH4eALlnaz2QVSEj3mxJazs6RFW+RSYD7vc8eHY1pWq/ylDU2iYafvFmodLPR6V6jZNynLTSQ3MOXhcLcrWo/DmsAJPybFztHSxJhmkpNs4+JrO2Ji2z/jQR6+6daRZy2y3Stmdpx678ZHUIyvWITz2y2fWx+lNJ/sIswVdhd9MSkqK6XAPZd7OjlQPSdw3e9+uVelLRl+byHt/zam43mu6emr5dsuyx6WT5TR2KaKotqn4b96tX1TiafaMRCl6iWSxsoOC1gNe4Bqy96Bz4aJ+qMuozRSZ/3eswXbM/dGwvVW4N+IVbHy/H7feKQ2HfU6ok87lmHhHWvn1c8/vdd4KTh9w9dGZg31Thf7ttFtSlnBRd+OxV3Mnv+WduV8ne0HBFSRQqOQQmxH50zQzBqCaidWpDERcqmeMX3hhmZuRx3axXYOEhYq/ZoI8rRqJ3mn95iRcICcD06ixQu7MoA60pSTmaa/+s/hpzWxniUK9Qt3kD4oVHPzlbOQfdOK4xgVGeyc72xDr2LGRpZ2VzdD05MDc5NixzPThmOWI5Zjg5NzlhODkyODhhMGFlNzI3MzZkYWM3Y2FlOGE4OTg4NmQ2OTcxYTFiMjgzOTE4NGFhOTM3ZTg1ODhhMjdkOGJhZjg1OWU3Njcz
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Length
1
Content-Type
text/plain
identity
profile.ngpvan.com/ 		72 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
50732f5f4e98b29a6a3840a86926e32af9e76a2d63c5d2435c48b90b6d22d9e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 11 Jun 2018 15:51:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type
text/javascript; charset=utf-8
Content-Length
190
ETag
W/"48-Dhvp+8bUgd0NGFqrP3D+gPRYruc"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
gtm.js
www.googletagmanager.com/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
SPDY
Server
172.217.18.168 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
d15bc51ac90085d2f112ee504e5c72f06984c0064bfc3917a907d5140ea4cc77
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 11 Jun 2018 15:51:35 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
22860
x-xss-protection
1; mode=block
expires
Mon, 11 Jun 2018 15:51:35 GMT
at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		104 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 06 Jun 2018 20:04:00 GMT
Content-Encoding
gzip
Age
71229
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19440
Access-Control-Allow-Origin
*
Last-Modified
Wed, 06 Jun 2018 20:03:29 GMT
Server
AmazonS3
ETag
"d140ebaaad5fc42ae53e62159671a3c7"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Amz-Cf-Id
li9HB_w-XIdnWZT5GKAhr9IHGjNf41PUF4MDhzKevKVJIW8eZ_axqg==
extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		70 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 06 Jun 2018 20:04:00 GMT
Content-Encoding
gzip
Age
71229
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16027
Access-Control-Allow-Origin
*
Last-Modified
Wed, 06 Jun 2018 20:03:29 GMT
Server
AmazonS3
ETag
"e99016f8945a101c8def9c8e25da6bc8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Amz-Cf-Id
1NwCvOu40o3z2VXDcnb1OPPk-w1qsPPZ-n1W_TVpuNgtmq_l8ilqrA==
-7696667586961799168
formdefs.s3.amazonaws.com/api.myngp.com/ 		50 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://formdefs.s3.amazonaws.com/api.myngp.com/-7696667586961799168
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
52.216.229.131 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0055a1fc64722dec1a623ebb9c7623e643214f8ff351328998a943c4289aea46

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 11 Jun 2018 15:51:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 May 2018 15:18:11 GMT
Server
AmazonS3
x-amz-request-id
128FA6DE6F2790DE
ETag
"babc938238b6f7b8494c0aa370a6c743"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
3740
x-amz-id-2
p+ybCHsaacq9UbPzygiWejzvnfmqcUTjjHW5zL+oMu+YaIusasG8vuPekEchpySCaHWeLWbmfQ4=
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 15:36:18 GMT
Via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
Age
85675
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Wed, 01 Mar 2017 15:31:32 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
ejmhFVketvJTtzh7bIfxowYS-2Uv2E0-qF-n29uhRvrhS7jKAjcErw==
collect
www.google-analytics.com/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=367773889&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=101563537.638220324.1528732296.1528732296.1528732296.1&_utmz=101563537.1528732296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1528732295947&_u=aGDCgEAB~&jid=484098729&gjid=1300962561&cid=638220324.1528732296&tid=UA-28243511-20&_gid=1816846971.1528732296&gtm=G645L2FSL&z=1293681088
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 10:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
537441
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-28243511-20&cid=638220324.1528732296&jid=484098729&gjid=1300962561&_gid=1816846971.1528732296&_u=aGDCgEAB~&z=2133660695
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
173.194.76.156 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jun 2018 15:51:35 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity
fastaction.ngpvan.com/api/v1/ 		186 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1528732296402=
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
9da8374f803893c28dac25a4068a808f081fffd9372cc5c07a55fe8d7fc1d2e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-CDN
Incapsula
X-Powered-By
Express
Transfer-Encoding
chunked
P3p
CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo
10-1537598-1537599 NNNN CT(89 187 0) RT(1528732295451 18) q(0 0 3 0) r(5 5) U4
Date
Mon, 11 Jun 2018 15:51:36 GMT
Connection
keep-alive
Content-Encoding
gzip
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server
Cowboy
Etag
W/"ba-847214362"
Vary
X-HTTP-Method-Override, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
glyphicons-regular.woff2
d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/glyphicons-regular.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Origin
https://act.myngp.com

Response headers

Date
Fri, 02 Mar 2018 15:38:54 GMT
Via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
Age
72445
X-Cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
Connection
keep-alive
Content-Length
96388
Last-Modified
Wed, 12 Apr 2017 14:33:38 GMT
Server
AmazonS3
ETag
"aca35251952e72d9e32d41217f0f97ab"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
k7rlQ6gy9smirtjamyVXBcUTaNU8hMNbQCJsXMzgLA6VHritHamzAw==
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
cc.png
d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/cc.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Server
52.222.149.158 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-158.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 15:37:26 GMT
Via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
Age
14115
X-Cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
Connection
keep-alive
Content-Length
3392
Last-Modified
Thu, 30 Apr 2015 15:08:39 GMT
Server
AmazonS3
ETag
"294b44fc8703a45684537d51e363c045"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
dlsIvkcG_YOzh6JrWSgxejbO11WXQZhue3tKaKDlAsbHcdw7JwrzLA==
fast-action.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 		1019 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/fast-action.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Server
52.222.149.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-241.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Dec 2017 08:30:49 GMT
Via
1.1 e8929a64b6920fabf88f772b8cd0125c.cloudfront.net (CloudFront)
Last-Modified
Fri, 06 Feb 2015 17:50:28 GMT
Server
AmazonS3
Age
1313483
ETag
"fe324c0498d28e434d58e6d547ba19a1"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1019
X-Amz-Cf-Id
pSc8EZxoxvgwJXl4zdmRZyJ0SHRkV7Z7eELa1ogBx2aUps-hX4Qcdg==
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=367773889&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=638220324.1528732296&jid=1613181547&_gid=1816846971.1528732296&gjid=1094726996&_v=j68&z=1072396814
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=638220324.1528732296&jid=1613181547&_gid=1816846971.1528732296&gjid=1094726996&_v=j68&z=1072396814
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
173.194.76.156 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jun 2018 15:51:36 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jun 2018 15:51:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=638220324.1528732296&jid=1613181547&_gid=1816846971.1528732296&gjid=1094726996&_v=j68&z=1072396814
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
420
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=367773889&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=101563537.638220324.1528732296.1528732296.1528732296.1&_utmz=101563537.1528732296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1528732296465&_u=aGHCAEAB~&jid=&gjid=&cid=638220324.1528732296&tid=UA-28243511-20&_gid=1816846971.1528732296&gtm=G645L2FSL&cd1=EventForm&z=946446813
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 10:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
537442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Cookie set SteansSplashLogo.jpg
act.myngp.com/Uploads/9495/images/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.myngp.com/Uploads/9495/images/SteansSplashLogo.jpg
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c83521ede7157898de803763f58d6457ff1f5573f12d25b738692ca57972d3eb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Cookie
BIGipServerpool_ob_act_myngp_com=!Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=; visid_incap_364709=NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C; incap_ses_474_364709=bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==; ASP.NET_SessionId=dt4nbflwsypphirw0tv1dmnn; ai_user=uQIJo|2018-06-11T15:51:35.518Z; _ga=GA1.3.638220324.1528732296; _gid=GA1.3.1816846971.1528732296; _gat_UA-28243511-13=1; _dc_gtm_UA-28243511-5=1; __utma=101563537.638220324.1528732296.1528732296.1528732296.1; __utmb=101563537.0.10.1528732296; __utmc=101563537; __utmz=101563537.1528732296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=101563537.|1=Tenant=Steans%2C%20Heather=1; ___utmvc=NbzRoLcYtVhrOCQBC07wPLaeZBrzOhd64fSPqm/OLi0cADPi6QwsWxNAnWLDf3SrwwY59gCn03Ow+HAZUM36KYQtfqdO6utjivtIXWKncCc1L5W6a2+BSZBkyw3FJZDF9TJp3wupe6zHlTSdrM2Yv68+06ET87yrF0vkU8Ijiz4Pu4SOqB5/4QQ7Xc0SYVDSibJSXnb7YT2N2hKIhgWp7AgBhpEoN8gMYBeutwoPC3ZZDPWIKz1FmEo5lxf3xcSS7cGvB0om8Q3v+N4r8mCvfqxVrVb8ACZ8qcybbjvIaqqUxzkyPKPmMLdvvKwY3Bt2qe6bWa2EVjH9KIXrfDhbJmnW5OD9/L+D10tQnNMOpBZaXsTnyREh0XVUqsQNP6EsmIzryAaHgE0xe7a9zZq3CzQ2/0X+Hk9wt5YkwP86pnkokzHOz/0B1w2ydKC2ZgVitzPArV2U1mz/mhA0IZyLVU0HfIK2M8YXI+cJNi0qFczI36cW5uCsbiKEI4k5bcWQZrrzxKVmLswl5WdlLqY7RLxMiv3ik2L4ZAuhVLNhL+W2KRztBLCxCcL2gO4A9CRAEijYt+ZFzE+TPe3fu04IS/3j03PWeD40g7N83zHorxhHR/xHBwJthUUqlurnyqoOhIY05KdAejlK8xSMPrtQX1fCjSX8qOneXpfC4NLWBpxBPVybWU10seFhLf3mCvFBfXN0POuGF+GURH4eALlnaz2QVSEj3mxJazs6RFW+RSYD7vc8eHY1pWq/ylDU2iYafvFmodLPR6V6jZNynLTSQ3MOXhcLcrWo/DmsAJPybFztHSxJhmkpNs4+JrO2Ji2z/jQR6+6daRZy2y3Stmdpx678ZHUIyvWITz2y2fWx+lNJ/sIswVdhd9MSkqK6XAPZd7OjlQPSdw3e9+uVelLRl+byHt/zam43mu6emr5dsuyx6WT5TR2KaKotqn4b96tX1TiafaMRCl6iWSxsoOC1gNe4Bqy96Bz4aJ+qMuozRSZ/3eswXbM/dGwvVW4N+IVbHy/H7feKQ2HfU6ok87lmHhHWvn1c8/vdd4KTh9w9dGZg31Thf7ttFtSlnBRd+OxV3Mnv+WduV8ne0HBFSRQqOQQmxH50zQzBqCaidWpDERcqmeMX3hhmZuRx3axXYOEhYq/ZoI8rRqJ3mn95iRcICcD06ixQu7MoA60pSTmaa/+s/hpzWxniUK9Qt3kD4oVHPzlbOQfdOK4xgVGeyc72xDr2LGRpZ2VzdD05MDc5NixzPThmOWI5Zjg5NzlhODkyODhhMGFlNzI3MzZkYWM3Y2FlOGE4OTg4NmQ2OTcxYTFiMjgzOTE4NGFhOTM3ZTg1ODhhMjdkOGJhZjg1OWU3Njcz; _ga=GA1.2.638220324.1528732296; _gid=GA1.2.1816846971.1528732296; _dc_gtm_UA-28243511-20=1; ai_session=XsjNb|1528732296381.1|1528732296381.1; _gat_UA-28243511-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 11 Jun 2018 15:51:35 GMT
Last-Modified
Tue, 28 Jun 2016 19:56:40 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"6e3ee62f77d1d11:0"
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Iinfo
4-1127548-1125131 2NNN RT(1528732293792 1851) q(0 0 0 -1) r(6 6) U18
Set-Cookie
___utmvc=a; Max-Age=0; path=/; expires=Sun, 10 Jun 2018 13:26:02 GMT
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
128868
X-CDN
Incapsula
Cookie set -7696667586961799168
act.myngp.com/fo/ 		153 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.myngp.com/fo/-7696667586961799168
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
be1aa6f249c3d87f6cab908c30ff90f6519c4858f24ab4ad94cce1e0083f8d65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Cookie
BIGipServerpool_ob_act_myngp_com=!Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=; visid_incap_364709=NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C; incap_ses_474_364709=bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==; ASP.NET_SessionId=dt4nbflwsypphirw0tv1dmnn; ai_user=uQIJo|2018-06-11T15:51:35.518Z; _ga=GA1.3.638220324.1528732296; _gid=GA1.3.1816846971.1528732296; _gat_UA-28243511-13=1; _dc_gtm_UA-28243511-5=1; __utma=101563537.638220324.1528732296.1528732296.1528732296.1; __utmb=101563537.0.10.1528732296; __utmc=101563537; __utmz=101563537.1528732296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=101563537.|1=Tenant=Steans%2C%20Heather=1; ___utmvc=NbzRoLcYtVhrOCQBC07wPLaeZBrzOhd64fSPqm/OLi0cADPi6QwsWxNAnWLDf3SrwwY59gCn03Ow+HAZUM36KYQtfqdO6utjivtIXWKncCc1L5W6a2+BSZBkyw3FJZDF9TJp3wupe6zHlTSdrM2Yv68+06ET87yrF0vkU8Ijiz4Pu4SOqB5/4QQ7Xc0SYVDSibJSXnb7YT2N2hKIhgWp7AgBhpEoN8gMYBeutwoPC3ZZDPWIKz1FmEo5lxf3xcSS7cGvB0om8Q3v+N4r8mCvfqxVrVb8ACZ8qcybbjvIaqqUxzkyPKPmMLdvvKwY3Bt2qe6bWa2EVjH9KIXrfDhbJmnW5OD9/L+D10tQnNMOpBZaXsTnyREh0XVUqsQNP6EsmIzryAaHgE0xe7a9zZq3CzQ2/0X+Hk9wt5YkwP86pnkokzHOz/0B1w2ydKC2ZgVitzPArV2U1mz/mhA0IZyLVU0HfIK2M8YXI+cJNi0qFczI36cW5uCsbiKEI4k5bcWQZrrzxKVmLswl5WdlLqY7RLxMiv3ik2L4ZAuhVLNhL+W2KRztBLCxCcL2gO4A9CRAEijYt+ZFzE+TPe3fu04IS/3j03PWeD40g7N83zHorxhHR/xHBwJthUUqlurnyqoOhIY05KdAejlK8xSMPrtQX1fCjSX8qOneXpfC4NLWBpxBPVybWU10seFhLf3mCvFBfXN0POuGF+GURH4eALlnaz2QVSEj3mxJazs6RFW+RSYD7vc8eHY1pWq/ylDU2iYafvFmodLPR6V6jZNynLTSQ3MOXhcLcrWo/DmsAJPybFztHSxJhmkpNs4+JrO2Ji2z/jQR6+6daRZy2y3Stmdpx678ZHUIyvWITz2y2fWx+lNJ/sIswVdhd9MSkqK6XAPZd7OjlQPSdw3e9+uVelLRl+byHt/zam43mu6emr5dsuyx6WT5TR2KaKotqn4b96tX1TiafaMRCl6iWSxsoOC1gNe4Bqy96Bz4aJ+qMuozRSZ/3eswXbM/dGwvVW4N+IVbHy/H7feKQ2HfU6ok87lmHhHWvn1c8/vdd4KTh9w9dGZg31Thf7ttFtSlnBRd+OxV3Mnv+WduV8ne0HBFSRQqOQQmxH50zQzBqCaidWpDERcqmeMX3hhmZuRx3axXYOEhYq/ZoI8rRqJ3mn95iRcICcD06ixQu7MoA60pSTmaa/+s/hpzWxniUK9Qt3kD4oVHPzlbOQfdOK4xgVGeyc72xDr2LGRpZ2VzdD05MDc5NixzPThmOWI5Zjg5NzlhODkyODhhMGFlNzI3MzZkYWM3Y2FlOGE4OTg4NmQ2OTcxYTFiMjgzOTE4NGFhOTM3ZTg1ODhhMjdkOGJhZjg1OWU3Njcz; _ga=GA1.2.638220324.1528732296; _gid=GA1.2.1816846971.1528732296; _dc_gtm_UA-28243511-20=1; ai_session=XsjNb|1528732296381.1|1528732296381.1; _gat_UA-28243511-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 11 Jun 2018 15:51:35 GMT
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Iinfo
3-783856-783857 NNNN CT(0 0 0) RT(1528732295648 7) q(0 0 0 -1) r(2 2) U2
Cache-Control
private
Set-Cookie
___utmvc=a; Max-Age=0; path=/; expires=Sun, 10 Jun 2018 13:26:02 GMT
Content-Type
image/jpeg
Content-Length
153
X-CDN
Incapsula
collect
www.google-analytics.com/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=367773889&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=EventForm&ea=Form%20Fill&el=FastAction&ev=8&_utma=101563537.638220324.1528732296.1528732296.1528732296.1&_utmz=101563537.1528732296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1528732296615&_u=aGHCAEAB~&jid=&gjid=&cid=638220324.1528732296&tid=UA-28243511-20&_gid=1816846971.1528732296&gtm=G645L2FSL&cd6=-7696667586961799168&z=1609217623
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 10:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
537442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
nvtag
profile.ngpvan.com/v2/data/VwBJsaTolwxMim7ytJSD4X2f/ 		2 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/VwBJsaTolwxMim7ytJSD4X2f/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 11 Jun 2018 15:51:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://act.myngp.com
Access-Control-Allow-Credentials
true
Content-Length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
VwBJsaTolwxMim7ytJSD4X2f
secure.everyaction.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/VwBJsaTolwxMim7ytJSD4X2f
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
X-Iinfo
5-1516505-1516508 NNNN CT(88 181 0) RT(1528732296143 16) q(0 0 3 10) r(4 4) U11
X-XSS-Protection
0
Cache-Control
private
Date
Mon, 11 Jun 2018 15:51:37 GMT
X-CDN
Incapsula
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
VwBJsaTolwxMim7ytJSD4X2f
secure.ngpvan.com/Databag/Profile/ 		0
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/VwBJsaTolwxMim7ytJSD4X2f
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
X-Iinfo
3-783947-783952 NNNN CT(88 181 0) RT(1528732296443 17) q(0 1 4 115) r(5 5) U11
X-XSS-Protection
0
Cache-Control
private
Date
Mon, 11 Jun 2018 15:51:36 GMT
X-CDN
Incapsula
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=367773889&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=EventForm&ea=Form%20Fill&el=FastAction&ev=8&_utma=101563537.638220324.1528732296.1528732296.1528732296.1&_utmz=101563537.1528732296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1528732297092&_u=aGHCAEAB~&jid=&gjid=&cid=638220324.1528732296&tid=UA-28243511-20&_gid=1816846971.1528732296&gtm=G645L2FSL&cd6=-7696667586961799168&z=1305247018
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 10:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
537443
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=367773889&t=timing&_s=2&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F-7696667586961799168%3Fmidqs%3DEc3MJrywGzdkL0ySsBl53A%3D%3D&ul=en-us&de=UTF-8&dt=.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2723&pdt=9&dns=0&rrt=674&srt=159&tcp=0&dit=996&clt=996&_utma=101563537.638220324.1528732296.1528732296.1528732296.1&_utmz=101563537.1528732296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1528732297470&_u=aGHCgEAB~&jid=&gjid=&cid=638220324.1528732296&tid=UA-28243511-5&_gid=1816846971.1528732296&gtm=G64WN78RH&cd1=ACCOUNT%20ADMIN&cd2=Steans%2C%20Heather&z=340381389
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 10:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
537443
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type,sdk-context

Response headers

Date
Mon, 11 Jun 2018 15:51:36 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
track
dc.services.visualstudio.com/v2/ 		96 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e0a3eb84b1864253246d8e8f22c5f4bc50e94f45a14767d7d48ff855d774c1c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/-7696667586961799168?midqs=Ec3MJrywGzdkL0ySsBl53A==
Origin
https://act.myngp.com
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
485FE3DD-1124-4D51-9F0A-16F59EC235B9
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Date
Mon, 11 Jun 2018 15:51:37 GMT
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appInsights object| dataLayer string| footerHTML object| google_tag_manager function| __extends object| Microsoft object| AI string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _ object| CSSModal object| Braintree object| nvtag boolean| exileHeaderAndFooter object| _gaq object| _gat object| Backbone function| _jqjsp object| atLayer object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| nvtag_callbacks object| formview

19 Cookies

Domain/Path Name / Value
act.myngp.com/ Name: ai_session
Value: XsjNb|1528732296381.1|1528732296381.1
.myngp.com/ Name: _gat_UA-28243511-20
Value: 1
.myngp.com/ Name: _gid
Value: GA1.2.1816846971.1528732296
.myngp.com/ Name: _ga
Value: GA1.2.638220324.1528732296
.act.myngp.com/ Name: __utmz
Value: 101563537.1528732296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
act.myngp.com/ Name: ai_user
Value: uQIJo|2018-06-11T15:51:35.518Z
.act.myngp.com/ Name: _gid
Value: GA1.3.1816846971.1528732296
.act.myngp.com/ Name: __utma
Value: 101563537.638220324.1528732296.1528732296.1528732296.1
.act.myngp.com/ Name: __utmc
Value: 101563537
.act.myngp.com/ Name: _dc_gtm_UA-28243511-5
Value: 1
.myngp.com/ Name: incap_ses_474_364709
Value: bMCPDL0RSDOvtyxEYf2TBoaaHlsAAAAA0PUBzZ8OWC0ysA9pAvrgLQ==
.act.myngp.com/ Name: __utmv
Value: 101563537.|1=Tenant=Steans%2C%20Heather=1
.myngp.com/ Name: visid_incap_364709
Value: NHkbz+1JSW+nik+/1NIGPYWaHlsAAAAAQUIPAAAAAAAYOGy1epRsVIUiWWWBGn1C
.act.myngp.com/ Name: __utmb
Value: 101563537.0.10.1528732296
.act.myngp.com/ Name: _ga
Value: GA1.3.638220324.1528732296
.act.myngp.com/ Name: _gat_UA-28243511-13
Value: 1
.myngp.com/ Name: _dc_gtm_UA-28243511-20
Value: 1
act.myngp.com/ Name: ASP.NET_SessionId
Value: dt4nbflwsypphirw0tv1dmnn
act.myngp.com/ Name: BIGipServerpool_ob_act_myngp_com
Value: !Xv9L4M0o8y1mh41YeJn4bPxPlfs2+fVYbX2ID113cMs4aXKbNdUiLQqNhDVDA23R+5M3W752GEEGJv/24s6cSlfrbl2HhCRWki/m2DxS3b5Dl1DcG+3zVmj2kYMKAVGmX6WEvuUy1467HtPx0S4HXgj7OHRrXUE=

8 Console Messages

Source Level URL
Text
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Downloading (-7696667586961799168): 480.35107421875ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Processing (-7696667586961799168): 72.56591796875ms
console-api warning URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 9)
Message:
Merge Field
console-api warning URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 9)
Message:
Merge Field
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Render (-7696667586961799168): 69.13916015625ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Fill (-7696667586961799168): 82.5400390625ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Form (-7696667586961799168): 710.329833984375ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Total: 751.490966796875ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.myngp.com
az416426.vo.msecnd.net
d1aqhv4sn5kxtx.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
formdefs.s3.amazonaws.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
152.199.19.160
172.217.18.168
172.217.18.174
173.194.76.156
216.58.208.40
40.114.13.25
40.114.241.141
45.60.153.95
52.216.229.131
52.222.149.158
52.222.149.241
0055a1fc64722dec1a623ebb9c7623e643214f8ff351328998a943c4289aea46
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
3720b0d0e6616d9461cbffb147af9af0161e8f0d5f413d70b86746d2dec56ba2
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
427d17723af0e5e69dcd3c1b06e2d2abfb967a8e143cad229cd3444f474fa9f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
50732f5f4e98b29a6a3840a86926e32af9e76a2d63c5d2435c48b90b6d22d9e6
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
5b8bb100822e356271798ff9da653b40b6416116255ffd2895f0c6a4d5e6529e
718f8929606fd753a1283031b33a49df79ac73addb6e568729c210d888ae62e6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
9da8374f803893c28dac25a4068a808f081fffd9372cc5c07a55fe8d7fc1d2e9
a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9
ad3f9f8e584be3f18ce75a18089e3a7e374933c5666bde1ecc4ce3d095e33f44
be1aa6f249c3d87f6cab908c30ff90f6519c4858f24ab4ad94cce1e0083f8d65
c83521ede7157898de803763f58d6457ff1f5573f12d25b738692ca57972d3eb
d15bc51ac90085d2f112ee504e5c72f06984c0064bfc3917a907d5140ea4cc77
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e0a3eb84b1864253246d8e8f22c5f4bc50e94f45a14767d7d48ff855d774c1c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc