urlscan.io logo urlscan.io
SecurityTrails logo

act.myngp.com Open in urlscan Pro
45.60.153.95  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://act.myngp.com/el/sJuOGsYRmYR1qAkaUQvTQoozHtTTdFn8UPpFsGiMsio=/IGqbXAwrq5wo77NySstvTsDjBpBAwwDzF_9VroRtkgI=
Effective URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Submission: On May 21 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 20 domains to perform 43 HTTP transactions. The main IP is 45.60.153.95, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is act.myngp.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 1st 2017. Valid for: 2 years.
This is the only time act.myngp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 45.60.153.95 19551 (INCAPSULA)
5 52.85.177.25 16509 (AMAZON-02)
1 152.199.19.160 15133 (EDGECAST)
2 216.58.210.8 15169 (GOOGLE)
1 216.58.207.72 15169 (GOOGLE)
3 40.114.13.25 8075 (MICROSOFT...)
1 9 216.58.210.14 15169 (GOOGLE)
1 54.231.48.144 16509 (AMAZON-02)
3 64.233.167.157 15169 (GOOGLE)
2 52.169.64.244 8075 (MICROSOFT...)
43 10
18    45.60.153.95 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
act.myngp.com
secure.everyaction.com
act.shotatlife.org
act.unfoundation.org
act.unausa.org
act.nothingbutnets.net
act.girlup.org
act.betterworldcampaign.org
act.biologicaldiversity.org
secure.sempervirens.org
act.audubon.org
secure.ngpvan.com
5    52.85.177.25 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-177-25.fra6.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
1    152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
2    216.58.210.8 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f8.1e100.net
www.googletagmanager.com
1    216.58.207.72 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f8.1e100.net
ssl.google-analytics.com
3    40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
profile.ngpvan.com
forms-prod.azurewebsites.net
9    216.58.210.14 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f14.1e100.net
www.google-analytics.com
1    54.231.48.144 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com
formdefs.s3.amazonaws.com
3    64.233.167.157 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wl-in-f157.1e100.net
stats.g.doubleclick.net
2    52.169.64.244 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
dc.services.visualstudio.com
Domain Requested by
9 www.google-analytics.com 1 redirects www.googletagmanager.com
act.myngp.com
7 act.myngp.com 1 redirects act.myngp.com
5 d1aqhv4sn5kxtx.cloudfront.net act.myngp.com
d1aqhv4sn5kxtx.cloudfront.net
www.googletagmanager.com
3 stats.g.doubleclick.net act.myngp.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net
az416426.vo.msecnd.net
2 www.googletagmanager.com act.myngp.com
d1aqhv4sn5kxtx.cloudfront.net
1 secure.ngpvan.com az416426.vo.msecnd.net
1 act.audubon.org az416426.vo.msecnd.net
1 secure.sempervirens.org az416426.vo.msecnd.net
1 act.biologicaldiversity.org az416426.vo.msecnd.net
1 act.betterworldcampaign.org az416426.vo.msecnd.net
1 act.girlup.org az416426.vo.msecnd.net
1 act.nothingbutnets.net az416426.vo.msecnd.net
1 act.unausa.org az416426.vo.msecnd.net
1 act.unfoundation.org az416426.vo.msecnd.net
1 act.shotatlife.org az416426.vo.msecnd.net
1 forms-prod.azurewebsites.net az416426.vo.msecnd.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 formdefs.s3.amazonaws.com az416426.vo.msecnd.net
1 ssl.google-analytics.com act.myngp.com
1 az416426.vo.msecnd.net act.myngp.com
43 22

This site contains links to these domains. Also see Links.

Domain
www.ngpvan.com
norrisforthepeople.com
Subject Issuer Validity Valid
act.myngp.com
Go Daddy Secure Certificate Authority - G2		 2017-11-01 -
2019-12-15		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Frame ID: CD8E465888F43A0CA41BEA902D21EA81
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://act.myngp.com/el/sJuOGsYRmYR1qAkaUQvTQoozHtTTdFn8UPpFsGiMsio=/IGqbXAwrq5wo77NySstvTsDjBpBA... HTTP 302
    https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg== Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

43
Requests

14 %
HTTPS

0 %
IPv6

20
Domains

22
Subdomains

10
IPs

2
Countries

481 kB
Transfer

1427 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://act.myngp.com/el/sJuOGsYRmYR1qAkaUQvTQoozHtTTdFn8UPpFsGiMsio=/IGqbXAwrq5wo77NySstvTsDjBpBAwwDzF_9VroRtkgI= HTTP 302
    https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=807960103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Oberon&ev=5&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921954045&_u=aSHCAEAB~&jid=1279664998&gjid=2116344704&cid=268744651.1526921953&tid=UA-28243511-20&_gid=206928724.1526921954&_r=1&gtm=G4s5L2FSL&cd6=5498692900954704640&z=1395927876 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=268744651.1526921953&jid=1279664998&_gid=206928724.1526921954&gjid=2116344704&_v=j67&z=1395927876

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 5498692900954704640
act.myngp.com/Forms/
Redirect Chain
  • https://act.myngp.com/el/sJuOGsYRmYR1qAkaUQvTQoozHtTTdFn8UPpFsGiMsio=/IGqbXAwrq5wo77NySstvTsDjBpBAwwDzF_9VroRtkgI=
  • https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a1c9795ed26c3d692a71d245fad97eeb230b99e48af2ca9bb4be890cb7d53ada

Request headers

Host
act.myngp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
BIGipServerpool_ob_act_myngp_com=!HjpWdOVR4gVU7ctYeJn4bPxPlfs2+U++nR/mGhZimPT3jQcE24ZOnmehnXjdFWSYiHe+Js+3p27f4rpnl7n+Ty4pW4gWqYhJ1ibc68EA7dNaLEjjZPX5yT265kvdifskCkcYcsgoPzZl58Lv5NhKpUFavRMQutw=; visid_incap_364709=UjRSwU1IQ/unjq0IgRNeiuD6AlsAAAAAQUIPAAAAAAArcP8LJJm1bejFks4kJh2X; incap_ses_474_364709=YJLZJsGkcVSSbulWU/2TBuD6AlsAAAAA11CwuiZYP2JEUD8VPM5k2g==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CD8E465888F43A0CA41BEA902D21EA81

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=1z11zonk05suax0t0cappzwc; path=/; HttpOnly
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Date
Mon, 21 May 2018 16:58:21 GMT
X-Iinfo
1-10355375-10355376 SNNN RT(1526921952571 207) q(0 0 0 -1) r(2 2) U2
X-CDN
Incapsula
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Date
Mon, 21 May 2018 16:58:20 GMT
Content-Length
195
Set-Cookie
BIGipServerpool_ob_act_myngp_com=!HjpWdOVR4gVU7ctYeJn4bPxPlfs2+U++nR/mGhZimPT3jQcE24ZOnmehnXjdFWSYiHe+Js+3p27f4rpnl7n+Ty4pW4gWqYhJ1ibc68EA7dNaLEjjZPX5yT265kvdifskCkcYcsgoPzZl58Lv5NhKpUFavRMQutw=; path=/ visid_incap_364709=UjRSwU1IQ/unjq0IgRNeiuD6AlsAAAAAQUIPAAAAAAArcP8LJJm1bejFks4kJh2X; expires=Tue, 21 May 2019 16:29:46 GMT; path=/; Domain=.myngp.com incap_ses_474_364709=YJLZJsGkcVSSbulWU/2TBuD6AlsAAAAA11CwuiZYP2JEUD8VPM5k2g==; path=/; Domain=.myngp.com
X-Iinfo
1-10355375-10355376 NNNN CT(0 0 0) RT(1526921952571 33) q(0 0 0 1) r(1 1) U11
X-CDN
Incapsula
5f6bdc69-7686-4233-994f-24f1632a5e25.Original.with%20our%20pic%20black.css
act.myngp.com/Uploads/18296/ 		1 KB
948 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.myngp.com/Uploads/18296/5f6bdc69-7686-4233-994f-24f1632a5e25.Original.with%20our%20pic%20black.css
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
91fde29417090ed92b3fa9f4cc88fdc8e2b6e20fcf68d9a53bea163b34eb567d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Cookie
BIGipServerpool_ob_act_myngp_com=!HjpWdOVR4gVU7ctYeJn4bPxPlfs2+U++nR/mGhZimPT3jQcE24ZOnmehnXjdFWSYiHe+Js+3p27f4rpnl7n+Ty4pW4gWqYhJ1ibc68EA7dNaLEjjZPX5yT265kvdifskCkcYcsgoPzZl58Lv5NhKpUFavRMQutw=; visid_incap_364709=UjRSwU1IQ/unjq0IgRNeiuD6AlsAAAAAQUIPAAAAAAArcP8LJJm1bejFks4kJh2X; incap_ses_474_364709=YJLZJsGkcVSSbulWU/2TBuD6AlsAAAAA11CwuiZYP2JEUD8VPM5k2g==; ASP.NET_SessionId=1z11zonk05suax0t0cappzwc
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 16:59:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 May 2018 14:51:50 GMT
X-CDN
Incapsula
Etag
"84826deb80efd31:0"
Content-Type
text/css
X-Iinfo
1-10355375-10355374 2VNN RT(1526921952571 392) q(0 0 0 -1) r(4 4) U18
Content-Length
652
at.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		781 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
HTTP/1.1
Server
52.85.177.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad88e9ea6e996a7041f1ed26ee53755332529d551c33f2b89b7560e6ce32252f

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 17 May 2018 13:36:45 GMT
Content-Encoding
gzip
Age
12105
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
230474
Access-Control-Allow-Origin
*
Last-Modified
Thu, 17 May 2018 13:36:35 GMT
Server
AmazonS3
ETag
"2966937ff985fc622533ae624a2aafae"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Via
1.1 42784a7a05b9d149cd97ebe4008edeea.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Amz-Cf-Id
XPys6JgRmnWrx_qtddyTix-OrBj6kQe6UaGYCNlRqmE1O2uJCj37Vw==
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
3106a8fdd08ead21c51fb978450673318bff94d51c091cd9726fb7ba7e0c279d

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 21 May 2018 16:59:13 GMT
content-encoding
gzip
content-md5
xp/+yiyV9kFA+F/Xaldq6A==
x-cache
HIT
status
200
content-length
21434
x-ms-lease-status
unlocked
last-modified
Tue, 01 May 2018 07:09:23 GMT
server
ECAcc (frc/8FA5)
etag
0x8D5AF32778A512C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
47beda59-801e-00c0-4a24-f16ea0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=600
x-ms-version
2009-09-19
gtm.js
www.googletagmanager.com/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN78RH
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
216.58.210.8 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
414479502dd4204c53c6a878ad3f8fcf9eab7a3e4ece239db3e338963f4c46a3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 21 May 2018 16:59:13 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
21704
x-xss-protection
1; mode=block
expires
Mon, 21 May 2018 16:59:13 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
216.58.207.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
3458
date
Mon, 21 May 2018 16:01:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Mon, 21 May 2018 18:01:35 GMT
_Incapsula_Resource
act.myngp.com/ 		110 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.myngp.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1586258428
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
cde4e5d344bb96969bdc2764030b96acddd85d310ef8c31066e8211de0e54a5a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Cookie
BIGipServerpool_ob_act_myngp_com=!HjpWdOVR4gVU7ctYeJn4bPxPlfs2+U++nR/mGhZimPT3jQcE24ZOnmehnXjdFWSYiHe+Js+3p27f4rpnl7n+Ty4pW4gWqYhJ1ibc68EA7dNaLEjjZPX5yT265kvdifskCkcYcsgoPzZl58Lv5NhKpUFavRMQutw=; visid_incap_364709=UjRSwU1IQ/unjq0IgRNeiuD6AlsAAAAAQUIPAAAAAAArcP8LJJm1bejFks4kJh2X; incap_ses_474_364709=YJLZJsGkcVSSbulWU/2TBuD6AlsAAAAA11CwuiZYP2JEUD8VPM5k2g==; ASP.NET_SessionId=1z11zonk05suax0t0cappzwc
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache
Content-Length
16037
Content-Type
application/javascript
ngpvan-logo-16.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/ngpvan-logo-16.png
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
HTTP/1.1
Server
52.85.177.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 12 May 2018 11:27:24 GMT
Via
1.1 42784a7a05b9d149cd97ebe4008edeea.cloudfront.net (CloudFront)
Age
797510
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
617
Last-Modified
Thu, 28 Aug 2014 21:19:38 GMT
Server
AmazonS3
ETag
"3d6f9aab1e809b87c195e78264cb01f8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
RY_zjOsiXeaUAskk_eJkZEROuzg9orWsKcNdczDXYwq2BaAFbP9i4g==
identity
profile.ngpvan.com/ 		72 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
6e917a738c60cee7ee552a847b8bf916b47b24315f94e063bf2d7b9da1da41b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 16:59:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type
text/javascript; charset=utf-8
Content-Length
194
ETag
W/"48-MuqG/wuDsyBwNHy4DbR887u9C7g"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
gtm.js
www.googletagmanager.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
SPDY
Server
216.58.210.8 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
b3ec59a975f26e3a6102ba64683002d19bdb4f082fa5a48689bfe7dcddaba061
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 21 May 2018 16:59:13 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
18036
x-xss-protection
1; mode=block
expires
Mon, 21 May 2018 16:59:13 GMT
at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		104 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
52.85.177.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 17 May 2018 13:36:50 GMT
Content-Encoding
gzip
Age
12082
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19440
Access-Control-Allow-Origin
*
Last-Modified
Thu, 17 May 2018 13:36:35 GMT
Server
AmazonS3
ETag
"d140ebaaad5fc42ae53e62159671a3c7"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Via
1.1 42784a7a05b9d149cd97ebe4008edeea.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Amz-Cf-Id
MClgEy6ZBE7NtwVQ3f8P0jA9N_adV2h-Sb48T0vyQdZAavGX3o781Q==
extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		70 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Server
52.85.177.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 17 May 2018 13:36:50 GMT
Content-Encoding
gzip
Age
11848
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16027
Access-Control-Allow-Origin
*
Last-Modified
Thu, 17 May 2018 13:36:35 GMT
Server
AmazonS3
ETag
"e99016f8945a101c8def9c8e25da6bc8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Via
1.1 42784a7a05b9d149cd97ebe4008edeea.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Amz-Cf-Id
QE46eE67Ia2c6alK1rsMW1U5cwa8fOcpjqRlzF5Dd9iwfsjNMpyktQ==
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN78RH
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
981
date
Mon, 21 May 2018 16:42:52 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14353
expires
Mon, 21 May 2018 18:42:52 GMT
Cookie set _Incapsula_Resource
act.myngp.com/ 		1 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.myngp.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9583347986322954
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Cookie
ai_user=9EGIH|2018-05-21T16:59:13.455Z; __utma=101563537.268744651.1526921953.1526921953.1526921953.1; __utmb=101563537.0.10.1526921953; __utmc=101563537; __utmz=101563537.1526921953.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=101563537.|1=Tenant=Norris%2C%20John=1; ___utmvc=EkI9qxLd1oCuxEUzY73kfgyMKYV28xZxKEX7pK/pLKHZE8qUkAWcFTGMk6qH2x2iqp64D59uWf551FW+cLmFHdip8GhV9tThPtTLytOPQcns9VU7CmuML7oeaTPLXsrb7jKvF8KQFpHLie7HhpM5qapicSsKrf6H1k0l+ghfMvOlO6xXYZtoriGz3846yo0oDmIH3oOK6XYRY4bjuA2RrZO7agjgV3xaDEXbZKyiL56uV54WaEuc5I3qPPChtyluzmk1c+Rt2oh4h8JoFdjcnblF3UaDZ+uVSmVq23HUhjCWUknIzH81ezIVTwSnNzgiMY+j6q3u6c6KVb3OhOlsCERUmR31uRCpoXxjIYtlBlupGGcWeEIDEDlx3vdUow0Il+BtcxwvhCfnyWEdP7S7s+sN1zCVahqJrgJt7K2X7of1oG7pfAXTG1NpLWz2LjDH9m7YfR2k5lGtzgwRKOeGKsWiZdD6COAiItZXcCNWpmSaZlyngqJzteJYO7IQ/wkb9ccnuZ8goBgPChCB3KyVpFltk6tHLrrM6G15EABH2lB5aPNRV1Hs35bfor5s/xBUcmTkAek7FrY8Qi0lRCrODH06pGmqra0ijOgvazkO5JbvJe2f/Shhv3LQsT4NtqdYxhxbzsT/eE3XJTcxzYo7e4MkoPV4PMRpWFi17f4BUSB3ssCS9qJIK5wQGobfCXX8E3/XCq8aeMezqKaN+bFWDrA49JtRPzcag+vnkZPqwT4DzeLhtwx3JC1e2r0t3UZ8/WxNQA/WgieoH8MBGMeRzUtLM14/UVRjT/F4TEdYCMxpf/C3CJG8N/b6nzGESizce8E0GWvgSqTpd+Bt3iA+/cvEAOu36VTImIajxxay7jBMH4Vm3SYqT3GhyQTmjaD6WLlYdzFEVqdr0kffN3OPRSsKVvLIq7T/zsenZCO2EDZH40nMczUU3uzgAP5DpvQ5OI6NGsYNkeFkbPG7fSF+0yrPsMMC9PbfogpuGYbL0Y3ZZFXN7wRuHrUu73CwPV7Qu88taXh9BWpO57l00N5m4FwwAZGmi5myck6JyGYuLtYlPXI0COI+txKUbZMNnRdTXHhp1OcO+84S+TUpU5XpHupOLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Set-Cookie
visid_incap_364709=rYdW+OKpTdutx76/Y3XCZOH6AlsAAAAAQUIPAAAAAAAnc/7xu8BLL75PZVCp+foB; expires=Tue, 21 May 2019 16:29:46 GMT; path=/; Domain=.myngp.com incap_ses_474_364709=f8kUF5ZSnzWcb+lWU/2TBuH6AlsAAAAAX9SVjARh7ShRXfRIbRFxtA==; path=/; Domain=.myngp.com
Content-Length
1
Content-Type
text/plain
5498692900954704640
formdefs.s3.amazonaws.com/api.myngp.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://formdefs.s3.amazonaws.com/api.myngp.com/5498692900954704640
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
54.231.48.144 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8161bb93cbc0636e06064e3c1ff285391a5c2a3e1c14753311c0e3683f129b0d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 16:59:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 May 2018 15:29:52 GMT
Server
AmazonS3
x-amz-request-id
5F74E99EC6914932
ETag
"513c96c6799f3eae4210660c3738d555"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
1983
x-amz-id-2
xYtzB+7Gvg8XkpYDkEdMPMuFZlJvk/ypn01b5yrscG5xaj9V+FxnfcafWn7AMSlu
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=807960103&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921953653&_u=YQBCAAAB~&jid=1338468144&gjid=1964006293&cid=268744651.1526921953&tid=UA-28243511-13&_gid=206928724.1526921954&_r=1&gtm=G4sWN78RH&z=72831062
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 May 2018 16:59:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j67&a=807960103&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921953661&_u=YSDCgAAB~&jid=344183260&gjid=655437546&cid=268744651.1526921953&tid=UA-28243511-5&_gid=206928724.1526921954&gtm=G4sWN78RH&cd1=ACCOUNT%20ADMIN&cd2=Norris%2C%20John&z=2001877882
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 May 2018 10:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627169
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j67&tid=UA-28243511-5&cid=268744651.1526921953&jid=344183260&gjid=655437546&_gid=206928724.1526921954&_u=YSDCgAAB~&z=1004050190
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 May 2018 16:59:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Server
52.85.177.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 15:36:18 GMT
Via
1.1 42784a7a05b9d149cd97ebe4008edeea.cloudfront.net (CloudFront)
Age
3604
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Wed, 01 Mar 2017 15:31:32 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
M2mCZzuA9y9pwGwBbxuDHwufkRZSLiGV7rkSrT5XPyNBnXSlYtKvhw==
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j67&a=807960103&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921953690&_u=aSDCgEAB~&jid=1313305159&gjid=781288757&cid=268744651.1526921953&tid=UA-28243511-20&_gid=206928724.1526921954&gtm=G4s5L2FSL&z=1791964813
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 May 2018 10:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627169
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j67&tid=UA-28243511-20&cid=268744651.1526921953&jid=1313305159&gjid=781288757&_gid=206928724.1526921954&_u=aSDCgEAB~&z=1056591806
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Protocol
SPDY
Server
64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 May 2018 16:59:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
nvtag
profile.ngpvan.com/v2/data/juyW$tR5VYe_psE0LZ8OkA6K/ 		2 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/juyW$tR5VYe_psE0LZ8OkA6K/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 16:59:14 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://act.myngp.com
Access-Control-Allow-Credentials
true
Content-Length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j67&a=807960103&t=timing&_s=2&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1324&pdt=4&dns=0&rrt=391&srt=175&tcp=0&dit=836&clt=836&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921953935&_u=aSDCgEAB~&jid=&gjid=&cid=268744651.1526921953&tid=UA-28243511-5&_gid=206928724.1526921954&gtm=G4sWN78RH&cd1=ACCOUNT%20ADMIN&cd2=Norris%2C%20John&z=992361874
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 May 2018 10:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627169
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
52.169.64.244 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 21 May 2018 16:59:13 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=807960103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=U...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=268744651.1526921953&jid=1279664998&_gid=206928724.1526921954&gjid=2116344704&_v=j67&z=1395927876
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=268744651.1526921953&jid=1279664998&_gid=206928724.1526921954&gjid=2116344704&_v=j67&z=1395927876
Protocol
SPDY
Server
64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 May 2018 16:59:14 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 May 2018 16:59:14 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=268744651.1526921953&jid=1279664998&_gid=206928724.1526921954&gjid=2116344704&_v=j67&z=1395927876
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j67&a=807960103&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921954047&_u=aSHCAEAB~&jid=&gjid=&cid=268744651.1526921953&tid=UA-28243511-20&_gid=206928724.1526921954&gtm=G4s5L2FSL&cd1=SignupForm&z=1574199815
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 May 2018 10:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627170
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
4(1).jpg
act.myngp.com/Uploads/18296/images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.myngp.com/Uploads/18296/images/4(1).jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
6aea0ba0b4a3b173d7bd2cd575ae5846e4e0ed6246fdc590c35d0756c3aa1395

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Cookie
ai_user=9EGIH|2018-05-21T16:59:13.455Z; __utma=101563537.268744651.1526921953.1526921953.1526921953.1; __utmb=101563537.0.10.1526921953; __utmc=101563537; __utmz=101563537.1526921953.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=101563537.|1=Tenant=Norris%2C%20John=1; ___utmvc=EkI9qxLd1oCuxEUzY73kfgyMKYV28xZxKEX7pK/pLKHZE8qUkAWcFTGMk6qH2x2iqp64D59uWf551FW+cLmFHdip8GhV9tThPtTLytOPQcns9VU7CmuML7oeaTPLXsrb7jKvF8KQFpHLie7HhpM5qapicSsKrf6H1k0l+ghfMvOlO6xXYZtoriGz3846yo0oDmIH3oOK6XYRY4bjuA2RrZO7agjgV3xaDEXbZKyiL56uV54WaEuc5I3qPPChtyluzmk1c+Rt2oh4h8JoFdjcnblF3UaDZ+uVSmVq23HUhjCWUknIzH81ezIVTwSnNzgiMY+j6q3u6c6KVb3OhOlsCERUmR31uRCpoXxjIYtlBlupGGcWeEIDEDlx3vdUow0Il+BtcxwvhCfnyWEdP7S7s+sN1zCVahqJrgJt7K2X7of1oG7pfAXTG1NpLWz2LjDH9m7YfR2k5lGtzgwRKOeGKsWiZdD6COAiItZXcCNWpmSaZlyngqJzteJYO7IQ/wkb9ccnuZ8goBgPChCB3KyVpFltk6tHLrrM6G15EABH2lB5aPNRV1Hs35bfor5s/xBUcmTkAek7FrY8Qi0lRCrODH06pGmqra0ijOgvazkO5JbvJe2f/Shhv3LQsT4NtqdYxhxbzsT/eE3XJTcxzYo7e4MkoPV4PMRpWFi17f4BUSB3ssCS9qJIK5wQGobfCXX8E3/XCq8aeMezqKaN+bFWDrA49JtRPzcag+vnkZPqwT4DzeLhtwx3JC1e2r0t3UZ8/WxNQA/WgieoH8MBGMeRzUtLM14/UVRjT/F4TEdYCMxpf/C3CJG8N/b6nzGESizce8E0GWvgSqTpd+Bt3iA+/cvEAOu36VTImIajxxay7jBMH4Vm3SYqT3GhyQTmjaD6WLlYdzFEVqdr0kffN3OPRSsKVvLIq7T/zsenZCO2EDZH40nMczUU3uzgAP5DpvQ5OI6NGsYNkeFkbPG7fSF+0yrPsMMC9PbfogpuGYbL0Y3ZZFXN7wRuHrUu73CwPV7Qu88taXh9BWpO57l00N5m4FwwAZGmi5myck6JyGYuLtYlPXI0COI+txKUbZMNnRdTXHhp1OcO+84S+TUpU5XpHupOLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=; visid_incap_364709=rYdW+OKpTdutx76/Y3XCZOH6AlsAAAAAQUIPAAAAAAAnc/7xu8BLL75PZVCp+foB; incap_ses_474_364709=f8kUF5ZSnzWcb+lWU/2TBuH6AlsAAAAAX9SVjARh7ShRXfRIbRFxtA==; _ga=GA1.3.268744651.1526921953; _gid=GA1.3.206928724.1526921954; _gat_UA-28243511-13=1; _dc_gtm_UA-28243511-5=1; _ga=GA1.2.268744651.1526921953; _gid=GA1.2.206928724.1526921954; _dc_gtm_UA-28243511-20=1; ai_session=PaTRG|1526921953974.8|1526921953974.8; _gat_UA-28243511-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Iinfo
1-10355375-10355374 2VNN RT(1526921952571 1490) q(0 0 0 -1) r(1 1) U18
Date
Mon, 21 May 2018 16:59:13 GMT
Last-Modified
Sat, 19 May 2018 15:00:08 GMT
X-CDN
Incapsula
Etag
"147d2c1482efd31:0"
Content-Length
67778
Content-Type
image/jpeg
Cookie set 5498692900954704640
act.myngp.com/fo/ 		153 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.myngp.com/fo/5498692900954704640
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
be1aa6f249c3d87f6cab908c30ff90f6519c4858f24ab4ad94cce1e0083f8d65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Cookie
ai_user=9EGIH|2018-05-21T16:59:13.455Z; __utma=101563537.268744651.1526921953.1526921953.1526921953.1; __utmb=101563537.0.10.1526921953; __utmc=101563537; __utmz=101563537.1526921953.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=101563537.|1=Tenant=Norris%2C%20John=1; ___utmvc=EkI9qxLd1oCuxEUzY73kfgyMKYV28xZxKEX7pK/pLKHZE8qUkAWcFTGMk6qH2x2iqp64D59uWf551FW+cLmFHdip8GhV9tThPtTLytOPQcns9VU7CmuML7oeaTPLXsrb7jKvF8KQFpHLie7HhpM5qapicSsKrf6H1k0l+ghfMvOlO6xXYZtoriGz3846yo0oDmIH3oOK6XYRY4bjuA2RrZO7agjgV3xaDEXbZKyiL56uV54WaEuc5I3qPPChtyluzmk1c+Rt2oh4h8JoFdjcnblF3UaDZ+uVSmVq23HUhjCWUknIzH81ezIVTwSnNzgiMY+j6q3u6c6KVb3OhOlsCERUmR31uRCpoXxjIYtlBlupGGcWeEIDEDlx3vdUow0Il+BtcxwvhCfnyWEdP7S7s+sN1zCVahqJrgJt7K2X7of1oG7pfAXTG1NpLWz2LjDH9m7YfR2k5lGtzgwRKOeGKsWiZdD6COAiItZXcCNWpmSaZlyngqJzteJYO7IQ/wkb9ccnuZ8goBgPChCB3KyVpFltk6tHLrrM6G15EABH2lB5aPNRV1Hs35bfor5s/xBUcmTkAek7FrY8Qi0lRCrODH06pGmqra0ijOgvazkO5JbvJe2f/Shhv3LQsT4NtqdYxhxbzsT/eE3XJTcxzYo7e4MkoPV4PMRpWFi17f4BUSB3ssCS9qJIK5wQGobfCXX8E3/XCq8aeMezqKaN+bFWDrA49JtRPzcag+vnkZPqwT4DzeLhtwx3JC1e2r0t3UZ8/WxNQA/WgieoH8MBGMeRzUtLM14/UVRjT/F4TEdYCMxpf/C3CJG8N/b6nzGESizce8E0GWvgSqTpd+Bt3iA+/cvEAOu36VTImIajxxay7jBMH4Vm3SYqT3GhyQTmjaD6WLlYdzFEVqdr0kffN3OPRSsKVvLIq7T/zsenZCO2EDZH40nMczUU3uzgAP5DpvQ5OI6NGsYNkeFkbPG7fSF+0yrPsMMC9PbfogpuGYbL0Y3ZZFXN7wRuHrUu73CwPV7Qu88taXh9BWpO57l00N5m4FwwAZGmi5myck6JyGYuLtYlPXI0COI+txKUbZMNnRdTXHhp1OcO+84S+TUpU5XpHupOLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=; visid_incap_364709=rYdW+OKpTdutx76/Y3XCZOH6AlsAAAAAQUIPAAAAAAAnc/7xu8BLL75PZVCp+foB; incap_ses_474_364709=f8kUF5ZSnzWcb+lWU/2TBuH6AlsAAAAAX9SVjARh7ShRXfRIbRFxtA==; _ga=GA1.3.268744651.1526921953; _gid=GA1.3.206928724.1526921954; _gat_UA-28243511-13=1; _dc_gtm_UA-28243511-5=1; _ga=GA1.2.268744651.1526921953; _gid=GA1.2.206928724.1526921954; _dc_gtm_UA-28243511-20=1; ai_session=PaTRG|1526921953974.8|1526921953974.8; _gat_UA-28243511-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 16:58:22 GMT
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Iinfo
8-92338253-92338257 NNNN CT(0 0 0) RT(1526921954066 15) q(0 0 0 -1) r(2 2) U2
Cache-Control
private
Set-Cookie
BIGipServerpool_ob_act_myngp_com=!H4+DTsoG835EjNxYeJn4bPxPlfs2+YTzskBGj0DWsJiEXJkdxpKs6pmA2ZTE7k7FkttrAXK92MCD5NBB4D+38SwR1s3xSbLZAMaYshx8Y1qU5oxEBzvufIMZBygc04ZDGKpulAmfzhqUtHHbJSR3YXB3l27ojl4=; path=/
Content-Type
image/jpeg
Content-Length
153
X-CDN
Incapsula
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j67&a=807960103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=SignupForm&ea=Form%20Fill&el=Profile&ev=2&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921954090&_u=aSHCAEAB~&jid=&gjid=&cid=268744651.1526921953&tid=UA-28243511-20&_gid=206928724.1526921954&gtm=G4s5L2FSL&cd6=5498692900954704640&z=50432149
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 May 2018 10:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627170
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		49 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Server
52.169.64.244 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fc7b7e92726f4f516f4fa4710b1af4fdfa32580b2654a774bf96e45c147c096a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
788D36F2-9E3B-4E3A-AC59-930EBF0AC264
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Date
Mon, 21 May 2018 16:59:14 GMT
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
49
juyW$tR5VYe_psE0LZ8OkA6K
secure.everyaction.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
X-Iinfo
5-103687871-103687873 NNNN CT(88 185 0) RT(1526921954676 18) q(0 0 3 0) r(4 4) U11
X-XSS-Protection
0
Cache-Control
private
Date
Mon, 21 May 2018 16:59:14 GMT
X-CDN
Incapsula
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
juyW$tR5VYe_psE0LZ8OkA6K
forms-prod.azurewebsites.net/Databag/Profile/ 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-prod.azurewebsites.net/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Cache-Control
private
Date
Mon, 21 May 2018 16:59:14 GMT
X-XSS-Protection
0
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
juyW$tR5VYe_psE0LZ8OkA6K
act.shotatlife.org/Databag/Profile/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.shotatlife.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.unfoundation.org/Databag/Profile/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.unfoundation.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.unausa.org/Databag/Profile/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.unausa.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.nothingbutnets.net/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.nothingbutnets.net/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.girlup.org/Databag/Profile/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.girlup.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.betterworldcampaign.org/Databag/Profile/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.betterworldcampaign.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.biologicaldiversity.org/Databag/Profile/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.biologicaldiversity.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
secure.sempervirens.org/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.sempervirens.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
act.audubon.org/Databag/Profile/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.audubon.org/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
juyW$tR5VYe_psE0LZ8OkA6K
secure.ngpvan.com/Databag/Profile/ 		0
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/juyW$tR5VYe_psE0LZ8OkA6K
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Server
45.60.153.95 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
X-Iinfo
2-22162987-22162988 NNNN CT(87 179 0) RT(1526921955008 18) q(0 0 2 0) r(3 3) U11
X-XSS-Protection
0
Cache-Control
private
Date
Mon, 21 May 2018 16:59:14 GMT
X-CDN
Incapsula
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j67&a=807960103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F5498692900954704640%3Fmidqs%3D_rqiuJPiDXc5rrc9pf6ckg%3D%3D&ul=en-us&de=UTF-8&dt=Sign%20on%20to%20tell%20Kim%20Reynolds%20to%20disavow%20Steve%20King&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=SignupForm&ea=Form%20Fill&el=Profile&ev=2&_utma=101563537.268744651.1526921953.1526921953.1526921953.1&_utmz=101563537.1526921953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1526921954438&_u=aSHCAEAB~&jid=&gjid=&cid=268744651.1526921953&tid=UA-28243511-20&_gid=206928724.1526921954&gtm=G4s5L2FSL&cd6=5498692900954704640&z=307766253
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/5498692900954704640?midqs=_rqiuJPiDXc5rrc9pf6ckg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 May 2018 10:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627170
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appInsights object| dataLayer string| footerHTML function| _ object| CSSModal object| Braintree object| nvtag boolean| exileHeaderAndFooter object| _gaq function| __extends object| Microsoft object| AI object| google_tag_manager object| Backbone function| _jqjsp object| atLayer string| GoogleAnalyticsObject function| ga object| _gat object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| gaplugins object| gaGlobal object| gaData function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| nvtag_callbacks object| formview

16 Cookies

Domain/Path Name / Value
.myngp.com/ Name: _dc_gtm_UA-28243511-20
Value: 1
.myngp.com/ Name: _gid
Value: GA1.2.206928724.1526921954
.act.myngp.com/ Name: _gat_UA-28243511-13
Value: 1
.myngp.com/ Name: incap_ses_474_364709
Value: f8kUF5ZSnzWcb+lWU/2TBuH6AlsAAAAAX9SVjARh7ShRXfRIbRFxtA==
.act.myngp.com/ Name: __utmv
Value: 101563537.|1=Tenant=Norris%2C%20John=1
.myngp.com/ Name: visid_incap_364709
Value: rYdW+OKpTdutx76/Y3XCZOH6AlsAAAAAQUIPAAAAAAAnc/7xu8BLL75PZVCp+foB
.myngp.com/ Name: _ga
Value: GA1.2.268744651.1526921953
act.myngp.com/ Name: ___utmvc
Value: EkI9qxLd1oCuxEUzY73kfgyMKYV28xZxKEX7pK/pLKHZE8qUkAWcFTGMk6qH2x2iqp64D59uWf551FW+cLmFHdip8GhV9tThPtTLytOPQcns9VU7CmuML7oeaTPLXsrb7jKvF8KQFpHLie7HhpM5qapicSsKrf6H1k0l+ghfMvOlO6xXYZtoriGz3846yo0oDmIH3oOK6XYRY4bjuA2RrZO7agjgV3xaDEXbZKyiL56uV54WaEuc5I3qPPChtyluzmk1c+Rt2oh4h8JoFdjcnblF3UaDZ+uVSmVq23HUhjCWUknIzH81ezIVTwSnNzgiMY+j6q3u6c6KVb3OhOlsCERUmR31uRCpoXxjIYtlBlupGGcWeEIDEDlx3vdUow0Il+BtcxwvhCfnyWEdP7S7s+sN1zCVahqJrgJt7K2X7of1oG7pfAXTG1NpLWz2LjDH9m7YfR2k5lGtzgwRKOeGKsWiZdD6COAiItZXcCNWpmSaZlyngqJzteJYO7IQ/wkb9ccnuZ8goBgPChCB3KyVpFltk6tHLrrM6G15EABH2lB5aPNRV1Hs35bfor5s/xBUcmTkAek7FrY8Qi0lRCrODH06pGmqra0ijOgvazkO5JbvJe2f/Shhv3LQsT4NtqdYxhxbzsT/eE3XJTcxzYo7e4MkoPV4PMRpWFi17f4BUSB3ssCS9qJIK5wQGobfCXX8E3/XCq8aeMezqKaN+bFWDrA49JtRPzcag+vnkZPqwT4DzeLhtwx3JC1e2r0t3UZ8/WxNQA/WgieoH8MBGMeRzUtLM14/UVRjT/F4TEdYCMxpf/C3CJG8N/b6nzGESizce8E0GWvgSqTpd+Bt3iA+/cvEAOu36VTImIajxxay7jBMH4Vm3SYqT3GhyQTmjaD6WLlYdzFEVqdr0kffN3OPRSsKVvLIq7T/zsenZCO2EDZH40nMczUU3uzgAP5DpvQ5OI6NGsYNkeFkbPG7fSF+0yrPsMMC9PbfogpuGYbL0Y3ZZFXN7wRuHrUu73CwPV7Qu88taXh9BWpO57l00N5m4FwwAZGmi5myck6JyGYuLtYlPXI0COI+txKUbZMNnRdTXHhp1OcO+84S+TUpU5XpHupOLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
.act.myngp.com/ Name: __utmz
Value: 101563537.1526921953.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.act.myngp.com/ Name: _ga
Value: GA1.3.268744651.1526921953
.act.myngp.com/ Name: __utmb
Value: 101563537.0.10.1526921953
act.myngp.com/ Name: ai_user
Value: 9EGIH|2018-05-21T16:59:13.455Z
.act.myngp.com/ Name: _gid
Value: GA1.3.206928724.1526921954
.act.myngp.com/ Name: __utma
Value: 101563537.268744651.1526921953.1526921953.1526921953.1
.act.myngp.com/ Name: _dc_gtm_UA-28243511-5
Value: 1
.act.myngp.com/ Name: __utmc
Value: 101563537

6 Console Messages

Source Level URL
Text
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Downloading (5498692900954704640): 467.495849609375ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Processing (5498692900954704640): 8.435791015625ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Render (5498692900954704640): 13.55224609375ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Fill (5498692900954704640): 30.97509765625ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Form (5498692900954704640): 521.68505859375ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Total: 615.44580078125ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.audubon.org
act.betterworldcampaign.org
act.biologicaldiversity.org
act.girlup.org
act.myngp.com
act.nothingbutnets.net
act.shotatlife.org
act.unausa.org
act.unfoundation.org
az416426.vo.msecnd.net
d1aqhv4sn5kxtx.cloudfront.net
dc.services.visualstudio.com
formdefs.s3.amazonaws.com
forms-prod.azurewebsites.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
secure.sempervirens.org
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
152.199.19.160
216.58.207.72
216.58.210.14
216.58.210.8
40.114.13.25
45.60.153.95
52.169.64.244
52.85.177.25
54.231.48.144
64.233.167.157
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
3106a8fdd08ead21c51fb978450673318bff94d51c091cd9726fb7ba7e0c279d
414479502dd4204c53c6a878ad3f8fcf9eab7a3e4ece239db3e338963f4c46a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
6aea0ba0b4a3b173d7bd2cd575ae5846e4e0ed6246fdc590c35d0756c3aa1395
6e917a738c60cee7ee552a847b8bf916b47b24315f94e063bf2d7b9da1da41b9
8161bb93cbc0636e06064e3c1ff285391a5c2a3e1c14753311c0e3683f129b0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91fde29417090ed92b3fa9f4cc88fdc8e2b6e20fcf68d9a53bea163b34eb567d
a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9
a1c9795ed26c3d692a71d245fad97eeb230b99e48af2ca9bb4be890cb7d53ada
ad88e9ea6e996a7041f1ed26ee53755332529d551c33f2b89b7560e6ce32252f
b3ec59a975f26e3a6102ba64683002d19bdb4f082fa5a48689bfe7dcddaba061
be1aa6f249c3d87f6cab908c30ff90f6519c4858f24ab4ad94cce1e0083f8d65
cde4e5d344bb96969bdc2764030b96acddd85d310ef8c31066e8211de0e54a5a
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc7b7e92726f4f516f4fa4710b1af4fdfa32580b2654a774bf96e45c147c096a