natgenagency.com Open in urlscan Pro
167.19.115.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?t=inu7rkdbb.0.0.o4iqtwrab.0&id=preview&r=3&p=https%3A%2F%2Fnatgenagency.com
Effective URL:
https://natgenagency.com/
Submission: On October 20 via api (October 20th 2021, 7:40:23 pm UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 35 HTTP transactions. The main IP is 167.19.115.21, located in United States and belongs to GMACI-COMM, US. The main domain is natgenagency.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 3rd 2021. Valid for: a year.

This is the only time natgenagency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
29	167.19.115.21 167.19.115.21	22221 (GMACI-COMM) (GMACI-COMM)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 2	167.19.21.43 167.19.21.43	22221 (GMACI-COMM) (GMACI-COMM)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
35	5

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 167.19.115.21 (United States)

ASN22221 (GMACI-COMM, US)

natgenagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.19.21.43 (United States) 1 redirects

ASN22221 (GMACI-COMM, US)

www.nationalgeneral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nationalgeneral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	natgenagency.com natgenagency.com	330 KB
4	gstatic.com fonts.gstatic.com	66 KB
2	nationalgeneral.com 1 redirects www.nationalgeneral.com nationalgeneral.com	93 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	rs6.net 1 redirects r20.rs6.net	342 B
35	5

	Domain	Requested by
29	natgenagency.com	natgenagency.com
4	fonts.gstatic.com	fonts.googleapis.com
1	nationalgeneral.com	natgenagency.com
1	www.nationalgeneral.com	1 redirects
1	fonts.googleapis.com	natgenagency.com
1	r20.rs6.net	1 redirects
35	6

This site contains links to these domains. Also see Links.

Domain
www.nationalgeneral.com
nghcprivacy.com

Subject Issuer	Validity	Valid
*.natgenagency.com Entrust Certification Authority - L1K	`2021-03-03` - `2022-03-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.nationalgeneral.com Entrust Certification Authority - L1K	`2021-02-24` - `2022-02-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://natgenagency.com/
Frame ID: DF8E8E30E74673A08303ADAB5BE5C00E
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

National General Insurance, Inc.

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?t=inu7rkdbb.0.0.o4iqtwrab.0&id=preview&r=3&p=https%3A%2F%2Fnatgenagen... HTTP 302
https://natgenagency.com/ Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

35
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

490 kB
Transfer

801 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nationalgeneral.com/getappointed
Title: Get Appointed

Search URL Search Domain Scan URL

URL: https://nghcprivacy.com/ca-notice-at-collection
Title: California Consumer Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?t=inu7rkdbb.0.0.o4iqtwrab.0&id=preview&r=3&p=https%3A%2F%2Fnatgenagency.com HTTP 302
https://natgenagency.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.nationalgeneral.com/natgenagency/img/bottom.png HTTP 301
https://nationalgeneral.com/natgenagency/img/bottom.png

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
natgenagency.com/
Redirect Chain

https://r20.rs6.net/tn.jsp?t=inu7rkdbb.0.0.o4iqtwrab.0&id=preview&r=3&p=https%3A%2F%2Fnatgenagency.com
https://natgenagency.com/

11 KB
6 KB

693ms
150ms

Document
text/html

167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

04246ebb8d2c5d41ceabd8ed2f963438b55d72881a0805c440698123c85e70ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: natgenagency.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; path=/; secure; HttpOnly; SameSite=Lax ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; path=/; secure; HttpOnly; SameSite=Lax __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; path=/; secure; HttpOnly dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; Path=/; Domain=.natgenagency.com; secure BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; path=/; Httponly; Secure
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtRpid;desc="-398992190"
Date: Wed, 20 Oct 2021 19:40:10 GMT
Content-Length: 4414

Redirect headers

Date: Wed, 20 Oct 2021 19:40:09 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://natgenagency.com
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

GET
H/1.1 200
OK ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js Show response
natgenagency.com/ 298 KB
110 KB 113ms
112ms Script
text/javascript 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fbbb80e70773b52c29db20e9ea3e22ba2261434550121bc25b46db5f04bab8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Date: Wed, 20 Oct 2021 19:40:10 GMT
Content-Length: 112130
X-Xss-Protection: 1; mode=block
Expires: Thu, 20 Oct 2022 19:40:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 41ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700italic,300,700,300italic&subset=latin

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6aae613a67e90d3c377f91e64897a12c53a68f7a9196bf2ab2a0c96f01e4462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 19:40:10 GMT
server: ESF
date: Wed, 20 Oct 2021 19:40:10 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 19:40:10 GMT

GET
H/1.1 200
OK BrowserWarningBanner.css
natgenagency.com/Styles/ 205 B
751 B 324ms
110ms Stylesheet
text/css 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/Styles/BrowserWarningBanner.css?v=637696167275548247

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1789ed250e6bfaa1d0eb726acfb80173c4a023edcd3fc0b952bc6dacce30cf5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Oct 2021 10:25:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "57eeb07953bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Xss-Protection: 1; mode=block
Date: Wed, 20 Oct 2021 19:40:10 GMT
Server-Timing: dtRpid;desc="171952736"
Accept-Ranges: bytes
Content-Length: 258
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ProcessingMask.css
natgenagency.com/Styles/ 5 KB
4 KB 326ms
111ms Stylesheet
text/css 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/Styles/ProcessingMask.css?v=637696167276017015

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

aa156145c07c0ab0b796739d438a4ae5b4100fc5acc155bcf44e09edc1afb4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Oct 2021 10:25:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80455c7953bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Xss-Protection: 1; mode=block
Date: Wed, 20 Oct 2021 19:40:10 GMT
Server-Timing: dtRpid;desc="-1421042748"
Accept-Ranges: bytes
Content-Length: 3341
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Login.min.css
natgenagency.com/Styles/AutoGen/ 8 KB
5 KB 325ms
110ms Stylesheet
text/css 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

35e1a5d31438e7a10b6dcd2a6082f0a39226ade6a702cd745d405e20697bab1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Oct 2021 10:25:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80455c7953bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Xss-Protection: 1; mode=block
Date: Wed, 20 Oct 2021 19:40:10 GMT
Server-Timing: dtRpid;desc="-1744222346"
Accept-Ranges: bytes
Content-Length: 4195
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Login.min.js Show response
natgenagency.com/Scripts/AutoGen/ 121 KB
43 KB 331ms
116ms Script
application/javascript 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/Scripts/AutoGen/Login.min.js?v=637696167275391998

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

14fa1228248b8a6c82051cbd25e931096fb22957e78ca312831e458b997eec8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Oct 2021 10:25:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80455c7953bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-Xss-Protection: 1; mode=block
Date: Wed, 20 Oct 2021 19:40:10 GMT
Server-Timing: dtRpid;desc="1686495484"
Accept-Ranges: bytes
Content-Length: 43102
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebResource.axd Show response
natgenagency.com/ 23 KB
6 KB 329ms
111ms Script
application/x-javascript 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDr3o9VuQCyw8xBaZrzqvqTMyMy5TiaiQ2_RGB5gATcg7ocxewesp8bQLIga_CzRMg2&t=637458215700611034

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "1610242770:dtagent10219210719121502CkEy"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Server-Timing: dtRpid;desc="1782720607"
Content-Length: 6007
X-Xss-Protection: 1; mode=block
Last-Modified: Sun, 10 Jan 2021 01:39:29 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
Date: Wed, 20 Oct 2021 19:40:10 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
X-Content-Type-Options: nosniff
Expires: Thu, 20 Oct 2022 09:03:32 GMT

GET
H/1.1 200
OK WebResource.axd Show response
natgenagency.com/ 3 KB
2 KB 447ms
122ms Script
application/x-javascript 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/WebResource.axd?d=JoBkLzP19aTuxbWOhHobYlrReqtpNDyuaYCe9xWu5e20ulk7b39BSTQ4KyH1CRtYjiF5YBiAXdWlmWsE6d7a0w2&t=637458215700611034

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "1610242770:dtagent10219210719121502CkEy"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Server-Timing: dtRpid;desc="-1583632852"
Content-Length: 978
X-Xss-Protection: 1; mode=block
Last-Modified: Sun, 10 Jan 2021 01:39:29 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
Date: Wed, 20 Oct 2021 19:40:10 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
X-Content-Type-Options: nosniff
Expires: Thu, 20 Oct 2022 09:03:32 GMT

GET
H/1.1 200
OK NatGenAHH_trans.png
natgenagency.com/Images/Logos/ 4 KB
5 KB 114ms
114ms Image
image/png 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://natgenagency.com/Images/Logos/NatGenAHH_trans.png

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5185afd08b850885211eae7539db61225efb07729f18a5694815624b6b4fc560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Oct 2021 10:25:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "def4157953bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Wed, 20 Oct 2021 19:40:10 GMT
Server-Timing: dtRpid;desc="1567324678"
Accept-Ranges: bytes
Content-Length: 4502
X-Xss-Protection: 1; mode=block

GET
H/1.1

200
OK

bottom.png
nationalgeneral.com/natgenagency/img/
Redirect Chain

https://www.nationalgeneral.com/natgenagency/img/bottom.png
https://nationalgeneral.com/natgenagency/img/bottom.png

92 KB
93 KB

975ms
117ms

Image
image/png

167.19.21.43
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalgeneral.com/natgenagency/img/bottom.png
Requested by: Host: natgenagency.com
URL: https://natgenagency.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.19.21.43 , United States, ASN22221 (GMACI-COMM, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bea599812c70a48937fa99408e985715cc3c18ac49a5d5c63d5007029b9bb593

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 19:40:11 GMT
Last-Modified: Wed, 20 Oct 2021 14:05:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6821877dbbc5d71:0"
X-NGIC-Serv: W6
Content-Type: image/png
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-799501413"
Accept-Ranges: bytes
Content-Length: 94591

Redirect headers

Location: https://nationalgeneral.com/natgenagency/img/bottom.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK ruxitagentjs_D_10219210719121502.js
natgenagency.com/ 32 KB
12 KB 109ms
109ms Other
text/javascript 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/ruxitagentjs_D_10219210719121502.js

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fbc612474867897ecbcac183d9f1e86b440d9d7cfd04ced039b1a0fe21b76824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: worker
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtPC=2$358811037_551h1vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; dtSa=-; dtLatC=673; rxvt=1634760611052|1634758811042
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Date: Wed, 20 Oct 2021 19:40:10 GMT
Content-Length: 12096
X-Xss-Protection: 1; mode=block
Expires: Thu, 20 Oct 2022 19:40:11 GMT

GET
H/1.1 200
OK BG_Orange.png
natgenagency.com/Images/LoginV2/ 62 KB
62 KB 112ms
112ms Image
image/png 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://natgenagency.com/Images/LoginV2/BG_Orange.png

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

02829f67d46ff18969a673117acea5ab1599c5bc267eb6bd66a02ad835376e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtPC=2$358811037_551h1vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; dtSa=-; dtLatC=673; rxvt=1634760611052|1634758811042
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Oct 2021 10:25:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "f81fc07853bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Wed, 20 Oct 2021 19:40:10 GMT
Server-Timing: dtRpid;desc="1649335870"
Accept-Ranges: bytes
Content-Length: 63470
X-Xss-Protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700italic,300,700,300italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 14:59:32 GMT
x-content-type-options: nosniff
age: 276039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 14:59:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700italic,300,700,300italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 11311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:31:40 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 44ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700italic,300,700,300italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:15:22 GMT
x-content-type-options: nosniff
age: 91489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17484
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Oct 2022 18:15:22 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700italic,300,700,300italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 10955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17004
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:37:36 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 516d3cdfe7b3d3027c0c35f495464bb0c79fc8f27d1dc9a48c68bda76331c521

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Tab_Home.png
natgenagency.com/Images/LoginV2/ 1 KB
2 KB 110ms
110ms Image
image/png 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://natgenagency.com/Images/LoginV2/Tab_Home.png

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

71e8fe1526e603d94a6c308fb6cd05ee39d59a2965f2919a26315b2aea57f5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtPC=2$358811037_551h1vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; dtSa=-; dtLatC=673; rxvt=1634760611052|1634758811042
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Oct 2021 10:25:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "8abdbd7853bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Wed, 20 Oct 2021 19:40:11 GMT
Server-Timing: dtRpid;desc="1561035553"
Accept-Ranges: bytes
Content-Length: 1239
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&crc=2568912019&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtPC=2$358811037_551h1vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; dtSa=-; dtLatC=673; rxvt=1634760611052|1634758811042
Connection: keep-alive
Content-Length: 598
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:12 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 119ms
118ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=1719585374&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 3576
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:14 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 109ms
109ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srTe&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=153943955&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 115
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:14 GMT

GET
H/1.1 200
OK BG_Orange.png
natgenagency.com/Images/LoginV2/ 62 KB
62 KB 113ms
113ms Image
image/png 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://natgenagency.com/Images/LoginV2/BG_Orange.png

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

02829f67d46ff18969a673117acea5ab1599c5bc267eb6bd66a02ad835376e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Oct 2021 10:25:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "f81fc07853bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Wed, 20 Oct 2021 19:40:14 GMT
Server-Timing: dtRpid;desc="-440030876"
Accept-Ranges: bytes
Content-Length: 63470
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Tab_Home.png
natgenagency.com/Images/LoginV2/ 1 KB
2 KB 110ms
110ms Image
image/png 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://natgenagency.com/Images/LoginV2/Tab_Home.png

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

71e8fe1526e603d94a6c308fb6cd05ee39d59a2965f2919a26315b2aea57f5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natgenagency.com/
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Oct 2021 10:25:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "8abdbd7853bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Wed, 20 Oct 2021 19:40:14 GMT
Server-Timing: dtRpid;desc="1458112958"
Accept-Ranges: bytes
Content-Length: 1239
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 1362
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:14 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=3248535656&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 330
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:16 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 116ms
116ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 3514
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:16 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 113ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=1438007928&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 223
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:17 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=4044455007&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 222
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:18 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=3618569584&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Content-Length: 1148
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:19 GMT

GET
H/1.1 200
OK Tab_News.png
natgenagency.com/Images/LoginV2/ 614 B
1 KB 114ms
114ms Image
image/png 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://natgenagency.com/Images/LoginV2/Tab_News.png

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

eb3c7ef7760c007a6e674de98afeb279784c15ac7181c614f5a77af855703a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natgenagency.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760614210|1634758811042
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://natgenagency.com/Styles/AutoGen/Login.min.css?v=637696167275704496
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Oct 2021 10:25:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "29c07f7853bfd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Wed, 20 Oct 2021 19:40:19 GMT
Server-Timing: dtRpid;desc="-1365775627"
Accept-Ranges: bytes
Content-Length: 614
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 113ms
113ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=1194577715&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760620201|1634758811042
Connection: keep-alive
Content-Length: 1867
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:20 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 113ms
113ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srTe&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=1249233326&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760620201|1634758811042
Connection: keep-alive
Content-Length: 80
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:20 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
111ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=1974189563&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760620201|1634758811042
Connection: keep-alive
Content-Length: 223
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:21 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 112ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=49601765&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760620201|1634758811042
Connection: keep-alive
Content-Length: 222
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:22 GMT

POST
H/1.1 200
OK rb_bf75402dxt Show response
natgenagency.com/ 120 B
630 B 113ms
112ms XHR
text/plain 167.19.115.21
GMACI-COMM

General

Check archive.org

Show headers Download Go to

Full URL

https://natgenagency.com/rb_bf75402dxt?type=js3&sn=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0&svrid=2&flavor=post&vi=RPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0&contentType=srBm&modifiedSince=1634741911073&rf=https%3A%2F%2Fnatgenagency.com%2F&bp=3&app=fea98bcd6d77bcd7&v=10219210719121502&vs=1&crc=2733908986&en=m9rdohhn&end=1

Requested by

Host: natgenagency.com
URL: https://natgenagency.com/ruxitagentjs_ICA2QVfhjqrux_10219210719121502.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.19.115.21 , United States, ASN22221 (GMACI-COMM, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://natgenagency.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: ASP.NET_SessionId=lgux1zkc3k4passwrh0thle1; __RequestVerificationToken=QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1; dtCookie=v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0; BIGipServernatgenagency.com_www_http=!00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==; rxVisitor=16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC; dtSa=-; dtLatC=673; dtPC=2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0; rxvt=1634760620201|1634758811042
Connection: keep-alive
Content-Length: 228
Pragma: no-cache
Host: natgenagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
Cache-Control: no-cache
Referer: https://natgenagency.com/
Sec-Fetch-Site: same-origin
Referer: https://natgenagency.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/octet-stream

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Date: Wed, 20 Oct 2021 19:40:23 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
natgenagency.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lgux1zkc3k4passwrh0thle1
natgenagency.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: QOdxaONdcj7Vyn9UJMbdLwvmWLnuq3cQFJfBATSZ-HwmiqAXSmM2WFTCgZZ63K8JH2thYjrnMi0MAKacWQy43Z-GDaSpLv2aR0zGb1CWhLM1
.natgenagency.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_2_sn_BDDAF8A6F03C4D8057708F9B8D62CD84_perc_84437_ol_0_mul_2_app-3Afea98bcd6d77bcd7_1_rcs-3Acss_0
natgenagency.com/	1969-12-31 23:59:59	Name: BIGipServernatgenagency.com_www_http Value: !00zy3FgC8dpnSRBMr4TxEaArubilsxvqbx/B5NWRGS4RMfTq7YtHm1IzcFgQevkBT2RS1C/YHH8Z6g==
.natgenagency.com/	1970-01-20 15:37:10	Name: rxVisitor Value: 16347588110409H5LN7JRMMVOH79U39OFP7N6QLMICIVC
.natgenagency.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.natgenagency.com/	1969-12-31 23:59:59	Name: dtLatC Value: 673
.natgenagency.com/	1969-12-31 23:59:59	Name: dtPC Value: 2$358811037_551h-vRPDFBOKWPPHBDACUFEHRKRNEOGKHKGRP-0
.natgenagency.com/	1969-12-31 23:59:59	Name: rxvt Value: 1634760614210\|1634758811042

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
natgenagency.com
nationalgeneral.com
r20.rs6.net
www.nationalgeneral.com
167.19.115.21
167.19.21.43
208.75.122.11
2a00:1450:4001:808::200a
2a00:1450:4001:811::2003
02829f67d46ff18969a673117acea5ab1599c5bc267eb6bd66a02ad835376e5d
04246ebb8d2c5d41ceabd8ed2f963438b55d72881a0805c440698123c85e70ec
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
14fa1228248b8a6c82051cbd25e931096fb22957e78ca312831e458b997eec8b
1789ed250e6bfaa1d0eb726acfb80173c4a023edcd3fc0b952bc6dacce30cf5b
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35e1a5d31438e7a10b6dcd2a6082f0a39226ade6a702cd745d405e20697bab1d
3a14ea115e20b2f123338e93505ff47a176de162348c31519d39487b91985a3e
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
516d3cdfe7b3d3027c0c35f495464bb0c79fc8f27d1dc9a48c68bda76331c521
5185afd08b850885211eae7539db61225efb07729f18a5694815624b6b4fc560
71e8fe1526e603d94a6c308fb6cd05ee39d59a2965f2919a26315b2aea57f5ab
aa156145c07c0ab0b796739d438a4ae5b4100fc5acc155bcf44e09edc1afb4bf
bea599812c70a48937fa99408e985715cc3c18ac49a5d5c63d5007029b9bb593
e6aae613a67e90d3c377f91e64897a12c53a68f7a9196bf2ab2a0c96f01e4462
eb3c7ef7760c007a6e674de98afeb279784c15ac7181c614f5a77af855703a62
fbbb80e70773b52c29db20e9ea3e22ba2261434550121bc25b46db5f04bab8e2
fbc612474867897ecbcac183d9f1e86b440d9d7cfd04ced039b1a0fe21b76824

natgenagency.com Open in urlscan Pro 167.19.115.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

490 kBTransfer

801 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

natgenagency.com Open in urlscan Pro
167.19.115.21 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

490 kB
Transfer

801 kB
Size

9
Cookies

35 HTTP transactions
1 data transactions