www.np-mylincolnportal.com Open in urlscan Pro
52.206.52.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://provider-auth.np-mylincolnportal.com/
Effective URL:
https://www.np-mylincolnportal.com/customer/public/login
Submission: On September 22 via automatic, source certstream-suspicious (September 22nd 2021, 5:25:57 pm UTC) — Scanned from DE

Summary HTTP 41 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 41 HTTP transactions. The main IP is 52.206.52.126, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.np-mylincolnportal.com.
TLS certificate: Issued by Amazon on July 3rd 2021. Valid for: a year.

This is the only time www.np-mylincolnportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.18.125.236 3.18.125.236	16509 (AMAZON-02) (AMAZON-02)
1 1	52.72.167.98 52.72.167.98	14618 (AMAZON-AES) (AMAZON-AES)
1 7	52.206.52.126 52.206.52.126	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	184.30.24.194 184.30.24.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3033::ac43:a339	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
16	91.235.133.31 91.235.133.31	30286 (THM) (THM)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	104.198.23.205 104.198.23.205	() ()
2	104.17.209.240 104.17.209.240	() ()
41	13

1 3.18.125.236 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-125-236.us-east-2.compute.amazonaws.com

provider-auth.np-mylincolnportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.167.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-167-98.compute-1.amazonaws.com

np-mylincolnportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.206.52.126 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-52-126.compute-1.amazonaws.com

www.np-mylincolnportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:a339 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.133.31 (United States)

ASN30286 (THM, US)

cdn2.lfg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

38u7vvifq735amrpaf4e4a6uu3apii6wpne6xhpeff6dc1ae20200022am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (None, )

ASN- ()

r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.209.240 (None, )

ASN- ()

znb8jq3jen9fbfxzn-lfg.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	lfg.com cdn2.lfg.com	122 KB
9	np-mylincolnportal.com 3 redirects provider-auth.np-mylincolnportal.com np-mylincolnportal.com www.np-mylincolnportal.com	2 MB
5	online-metrix.net 1 redirects h.online-metrix.net 38u7vvifq735amrpaf4e4a6uu3apii6wpne6xhpeff6dc1ae20200022am1.e.aa.online-metrix.net	16 KB
3	tiqcdn.com tags.tiqcdn.com	15 KB
2	qualtrics.com znb8jq3jen9fbfxzn-lfg.siteintercept.qualtrics.com siteintercept.qualtrics.com	20 KB
2	lr-ingest.io cdn.lr-ingest.io r.lr-ingest.io	157 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	14 KB
1	google-analytics.com www.google-analytics.com	20 KB
0	Failed function sub() { [native code] }. Failed
41	11

	Domain	Requested by
16	cdn2.lfg.com	www.np-mylincolnportal.com cdn2.lfg.com
7	www.np-mylincolnportal.com	1 redirects www.np-mylincolnportal.com
4	h.online-metrix.net	1 redirects cdn2.lfg.com
3	tags.tiqcdn.com	www.np-mylincolnportal.com
2	fonts.googleapis.com	www.np-mylincolnportal.com
1	siteintercept.qualtrics.com	www.np-mylincolnportal.com
1	znb8jq3jen9fbfxzn-lfg.siteintercept.qualtrics.com	www.np-mylincolnportal.com
1	r.lr-ingest.io	www.np-mylincolnportal.com
1	bam.nr-data.net	www.np-mylincolnportal.com
1	38u7vvifq735amrpaf4e4a6uu3apii6wpne6xhpeff6dc1ae20200022am1.e.aa.online-metrix.net
1	js-agent.newrelic.com	www.np-mylincolnportal.com
1	www.google-analytics.com	www.np-mylincolnportal.com
1	cdn.lr-ingest.io	www.np-mylincolnportal.com
1	np-mylincolnportal.com	1 redirects
1	provider-auth.np-mylincolnportal.com	1 redirects
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	cdn2.lfg.com
41	16

This site contains links to these domains. Also see Links.

Domain
www.lfg.com
policies.google.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
*.np-mylincolnportal.com Amazon	`2021-07-03` - `2022-08-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn2.lfg.com DigiCert SHA2 Extended Validation Server CA	`2021-01-23` - `2022-02-22`	a year	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
api.logrocket.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.np-mylincolnportal.com/customer/public/login
Frame ID: 48B303EC995FD5A7593D03DF2B92C66E
Requests: 23 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/check.js;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jb=343b26266a716f77354e696e75702668716f354e61667d7026687360753f4368706d6f67266873623d416870676f652532383931
Frame ID: 0A94D7D07ED2F5A709D4E99698B4CB95
Requests: 12 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/HP?session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 2B3706F255EA3880FD7CA3FB02E9CEF3
Requests: 3 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022
Frame ID: AF4B175931842D7B6C68D158E4AAC267
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022
Frame ID: 01C5CCE3944CDB071ED2285A3ADE3E88
Requests: 2 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/top_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022
Frame ID: 65168E880B447FFCBA0060E9CF5776A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Lincoln Portal® | Lincoln Financial Group

Page URL History Show full URLs

https://provider-auth.np-mylincolnportal.com/ HTTP 302
https://np-mylincolnportal.com/ HTTP 301
https://www.np-mylincolnportal.com/ HTTP 301
https://www.np-mylincolnportal.com/customer/public/login Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^(?:https?:)?//tags\.tiqcdn\.com/

Page Statistics

41
Requests

93 %
HTTPS

21 %
IPv6

11
Domains

16
Subdomains

13
IPs

2
Countries

2382 kB
Transfer

9230 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lfg.com/public/aboutus/companyoverview
Title: Company Overview

Search URL Search Domain Scan URL

URL: https://www.lfg.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.lfg.com/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites
Title: Google Analytics

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lincolnfinancialgroup

Search URL Search Domain Scan URL

URL: https://twitter.com/lincolnfingroup

Search URL Search Domain Scan URL

URL: http://www.youtube.com/lincolnfinancialgrp

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/lincoln-financial-group?trk=tyah&trkInfo=tas%3Alincoln+financial%2Cidx%3A3-1-3

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lincolnfingroup

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://provider-auth.np-mylincolnportal.com/ HTTP 302
https://np-mylincolnportal.com/ HTTP 301
https://www.np-mylincolnportal.com/ HTTP 301
https://www.np-mylincolnportal.com/customer/public/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://h.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&k=2

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.np-mylincolnportal.com/customer/public/
Redirect Chain

https://provider-auth.np-mylincolnportal.com/
https://np-mylincolnportal.com/
https://www.np-mylincolnportal.com/
https://www.np-mylincolnportal.com/customer/public/login

31 KB
12 KB

135ms
135ms

Document
text/html

52.206.52.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.52.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-52-126.compute-1.amazonaws.com

Software

Resource Hash

90007c8a253628acdbcfe10f3d6078f9097474c287c58f1a96ccf88905fb39bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.np-mylincolnportal.com
:scheme: https
:path: /customer/public/login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Sep 2021 17:25:51 GMT
content-type: text/html
access-control-expose-headers: mlp-trace-id
x-robots-tag: noindex
last-modified: Wed, 15 Sep 2021 13:06:38 GMT
etag: "5b91cfc061d5fff9c64c3fe0c088b832"
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-key: customer/public/login
x-amz-request-id: XKY6CN4SC4VB32E0
x-amz-id-2: fNJMtx6H7nxjJGmmejPUXbuttXCkHqkpnHjAu5bOgxm8F4njwgHYvkAmm8LcObTWpKz6lLlCKd4=
content-security-policy: frame-ancestors 'self'
x-frame-options: DENY
mlp-trace-id: 0328e80112c62734
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains

Redirect headers

server: awselb/2.0
date: Wed, 22 Sep 2021 17:25:50 GMT
content-type: text/html
content-length: 134
location: https://www.np-mylincolnportal.com:443/customer/public/login

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600|Ubuntu:400,500

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06779fdc25ee45738fce2063846c71b7863a8f6bba2492989cf6d454b0e5a3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 17:25:51 GMT
server: ESF
date: Wed, 22 Sep 2021 17:25:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 17:25:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
710 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital@0;1&display=swap

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e95f071d48bc4308e6fc1c543f9e13318305511e0269ddb3ec417b6cb38b4f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 17:25:51 GMT
server: ESF
date: Wed, 22 Sep 2021 17:25:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 17:25:51 GMT

GET
H2 200 main.css
www.np-mylincolnportal.com/customer/ 184 KB
60 KB 322ms
322ms Stylesheet
text/css 52.206.52.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.np-mylincolnportal.com/customer/main.css

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.52.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-52-126.compute-1.amazonaws.com

Software

Resource Hash

2063b2ffa6ce1856c38c1c6c0bbcdac000e52361196c6ef554f7bb2b9e1e538c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /customer/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.np-mylincolnportal.com
referer: https://www.np-mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/customer/public/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
mlp-trace-id: c19f11b71f559118
x-amz-request-id: XKY1R2RGP9XX6V19
x-amz-id-2: cnfhbggrIepla1RwwtSV0SkcGV0QPebkAGQoTfu08DLh3NlOVK7LnN9XBnCLFqJ2MGRKpU39A/I=
pragma: no-cache
expires: 0
last-modified: Wed, 15 Sep 2021 13:06:38 GMT
x-frame-options: DENY
etag: "c760b23d0b966a488078e6077c273961"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
x-robots-tag: noindex
access-control-expose-headers: mlp-trace-id

GET
H2 200 transformed.1d818eb4b2a8f97f9c78.js Show response
www.np-mylincolnportal.com/customer/ 7 MB
2 MB 127ms
127ms Script
application/javascript 52.206.52.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.np-mylincolnportal.com/customer/transformed.1d818eb4b2a8f97f9c78.js

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.52.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-52-126.compute-1.amazonaws.com

Software

Resource Hash

3180aff69f8beeccdcafeb373f226a9e55a36fc30282ca0ed8a651b49c600756

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /customer/transformed.1d818eb4b2a8f97f9c78.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.np-mylincolnportal.com
referer: https://www.np-mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/customer/public/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
mlp-trace-id: 0826f4620dfb42e3
x-amz-request-id: XKY6TSWMQNQQK5DV
x-amz-id-2: llIGTXdel/QBinUCc2Eid8aSbHcJfvumtx2gXFrURsxOTPkLs6LSQrCDUm5akymdpWZzPtcW6Aw=
pragma: no-cache
expires: 0
last-modified: Wed, 15 Sep 2021 13:06:38 GMT
x-frame-options: DENY
etag: "4d0fa5ffe02f83d90dd71b1ff1ed43d2"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
x-robots-tag: noindex
access-control-expose-headers: mlp-trace-id

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/lfg/mlp/qa/ 27 KB
9 KB 562ms
499ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/lfg/mlp/qa/utag.js
Requested by: Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2452389dcdb85f40540b5d6a42a1ca9ef8931884416a903d373e56cf611435ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:51 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 14:28:36 GMT
server: AkamaiNetStorage
etag: "16efc358d27b39040062d94370e5c021:1629988116.643267"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 8748
expires: Wed, 22 Sep 2021 17:30:51 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 753 KB
154 KB 63ms
29ms Script
text/javascript 2606:4700:3033::ac43:a339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a339 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3bef654a28cb715bee8b9919c49f5cfbd785c2dabaf8a7a097da525ca9d22f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31556926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19144-FRA
last-modified: Wed, 22 Sep 2021 15:26:52 GMT
server: cloudflare
x-timer: S1632324543.092558,VS0,VE1
etag: W/"0cbdb78a1410fe4507e0542581af28a1d0a964b0ec68dfc50b03708fe8e2beab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RddzRHwBY%2Fi%2BsikhDp5%2FsLKar%2FjqHRjz%2BvFLS0vkz1q0OVSHOWFulcOZ3x%2B7ntsrCrPNb3oTsY8BEfjVQqR2%2FS33xhpa0SEyFdM1Wmq58oP22%2BCz5Z6eAM7zdVnbSNSBOPQRdL9rGyYEZRQ%2BPgTk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 692d3c2968aa5b3e-FRA
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2335
date: Wed, 22 Sep 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 22 Sep 2021 18:46:57 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58150ab06b7e86c1bf0006d0dbe4ec2f20a8b13291e07b0af122dec4f360a20e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 portal-status Show response
www.np-mylincolnportal.com/ 63 B
360 B 102ms
101ms XHR
application/json 52.206.52.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.np-mylincolnportal.com/portal-status

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.52.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-52-126.compute-1.amazonaws.com

Software

Resource Hash

6bd25f0aa4a81efaab494d6648ff7e086e42d2df20b01051e3d6ddd97cdb253b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /portal-status
pragma: no-cache
cookie: utag_main=v_id:017c0e8ad3cb00759608eb1fbd7c03072003806a00b08$_sn:1$_se:1$_ss:1$_st:1632333351692$ses_id:1632331551692%3Bexp-session$_pn:1%3Bexp-session
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.np-mylincolnportal.com
referer: https://www.np-mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.np-mylincolnportal.com/customer/public/login
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: 0

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9834d6f7dd4ad10ceb877494abe13cc5b18bc1f95b8e8b918ef6e553c54043d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 utag.72.js Show response
tags.tiqcdn.com/utag/lfg/mlp/qa/ 24 KB
6 KB 11ms
11ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/lfg/mlp/qa/utag.72.js?utv=ut4.46.202012111411
Requested by: Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4512fefcb560f60eb68a37b548a8b5b1fb151cdfdaa7cc59d2557349fb384158

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:52 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 14:11:25 GMT
server: AkamaiNetStorage
etag: "4ef54a36cb6f6e594eec0452664fd67f:1607695885.873963"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 5998
expires: Thu, 07 Oct 2021 17:25:52 GMT

GET
H2 200 5a1a2888585a17c688b83daa89b215b9.woff
www.np-mylincolnportal.com/customer/ 45 KB
25 KB 152ms
152ms Font
binary/octet-stream 52.206.52.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.np-mylincolnportal.com/customer/5a1a2888585a17c688b83daa89b215b9.woff

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/main.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.52.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-52-126.compute-1.amazonaws.com

Software

Resource Hash

e406e68b7577854cfc6104b4178b39e2ff25a4f52ec9eda1e00fbcfa645aa7dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.np-mylincolnportal.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: utag_main=v_id:017c0e8ad3cb00759608eb1fbd7c03072003806a00b08$_sn:1$_se:1$_ss:1$_st:1632333351692$ses_id:1632331551692%3Bexp-session$_pn:1%3Bexp-session
:path: /customer/5a1a2888585a17c688b83daa89b215b9.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.np-mylincolnportal.com
referer: https://www.np-mylincolnportal.com/customer/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.np-mylincolnportal.com/customer/main.css
Origin: https://www.np-mylincolnportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
mlp-trace-id: 73240906d9cce67f
x-amz-request-id: KVAY69V6WK0DJRRT
x-amz-id-2: B55LaoYGr/Lm2kutKqlJSlltlJeJVxGp0IJn/2P/m+XQB9JdeH/oJpvy4GfD12xpnLuOjnMGo+M=
pragma: no-cache
expires: 0
last-modified: Wed, 15 Sep 2021 13:06:38 GMT
x-frame-options: DENY
etag: "4372d19a142438a10db7fcb36629cf16"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
x-robots-tag: noindex
access-control-expose-headers: mlp-trace-id

GET
H/1.1 200
OK tags.js Show response
cdn2.lfg.com/fp/ 80 KB
11 KB 781ms
18ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/tags.js?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

300a63d262f589afa9538674500b78482df2b3e0efda5f3072b95047a2058666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 active Show response
www.np-mylincolnportal.com/mlp-ui-service/services/v1/notifications/ 2 B
418 B 138ms
137ms XHR
application/json 52.206.52.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.np-mylincolnportal.com/mlp-ui-service/services/v1/notifications/active?functionalArea=LOGIN

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.52.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-52-126.compute-1.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /mlp-ui-service/services/v1/notifications/active?functionalArea=LOGIN
pragma: no-cache
cookie: utag_main=v_id:017c0e8ad3cb00759608eb1fbd7c03072003806a00b08$_sn:1$_se:1$_ss:1$_st:1632333351692$ses_id:1632331551692%3Bexp-session$_pn:1%3Bexp-session; _ga=GA1.2.1442485721.1632331553; _gid=GA1.2.745948822.1632331553; _lr_tabs_-o1n3rt%2Fmy-lincoln-portal-non-prod={%22sessionID%22:0%2C%22recordingID%22:%224-440fb32f-182d-444c-ada9-b41a6bb9d24c%22%2C%22lastActivity%22:1632331552611}; _lr_hb_-o1n3rt%2Fmy-lincoln-portal-non-prod={%22heartbeat%22:1632331552612}
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.np-mylincolnportal.com
referer: https://www.np-mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.np-mylincolnportal.com/customer/public/login
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
mlp-trace-id: 382e5d9ead4d4898
x-frame-options: DENY
content-type: application/json
access-control-expose-headers: mlp-trace-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: 0

GET
BLOB 200
OK e88ec9e5-2456-4ddc-b2c5-7eb9ea744b7a
https://www.np-mylincolnportal.com/ 426 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.np-mylincolnportal.com/e88ec9e5-2456-4ddc-b2c5-7eb9ea744b7a
Requested by: Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b31e52c2ce14f65d0cb11d7bfd5a0a5fc4cb4e9b4aa48ee28b51d6dd0bf0d37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 436210

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
7ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lfg/mlp/202108261428&cb=1632331552662
Requested by: Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:52 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 22 Sep 2021 17:35:52 GMT

GET
H2 200 nr-spa-1184.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 158ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by: Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "6b93dbf34696df852c6d69d1652851de"
x-amz-request-id: 2W1BW58DCX2EWQ68
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14379
x-amz-id-2: Kxg6xllJVmvzvIiHSO47iXWz54eKCZ+ia37G6R0Zd4XtHGKc6W1tDJqKp09zBtkj+zNqbn795dg=
x-served-by: cache-fra19179-FRA
last-modified: Mon, 28 Sep 2020 16:34:47 GMT
server: AmazonS3
x-timer: S1632331554.566408,VS0,VE0
date: Wed, 22 Sep 2021 17:25:53 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 455

GET
H/1.1 200
OK check.js;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937 Show response
cdn2.lfg.com/fp/ Frame 0A94 259 KB
48 KB 28ms
28ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/check.js;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jb=343b26266a716f77354e696e75702668716f354e61667d7026687360753f4368706d6f67266873623d416870676f652532383931

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/tags.js?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1a7c5013dde60b9ffa3eaeba84739f27e81d715ffd6d6a0be3cf10b70284a065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: ff6dc1ae20200022
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
cdn2.lfg.com/fp/ Frame 0A94 81 B
475 B 61ms
20ms Image
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
cdn2.lfg.com/fp/ Frame 0A94 81 B
474 B 61ms
18ms Image
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
cdn2.lfg.com/fp/ Frame 2B37 19 KB
6 KB 19ms
19ms Document
text/html 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/HP?session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8790e663bbb4530931609e62b7682bf6adb67837b93978a41cf66cc49b0aebf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cdn2.lfg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.np-mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=007f7f86a2d84e7daa85e6950929f078
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/

Response headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5788
Keep-Alive: timeout=2, max=97

GET
H/1.1 200
OK clear.png Show response
cdn2.lfg.com/fp/ Frame 0A94 81 B
542 B 54ms
18ms XHR
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/check.js;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jb=343b26266a716f77354e696e75702668716f354e61667d7026687360753f4368706d6f67266873623d416870676f652532383931

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 38u7vvif/ff6dc1ae20200022a2e442ec-75d0-4265-b999-e7e6e70e67bb
Referer: https://www.np-mylincolnportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Last-Modified: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Etag: 4eef188c40b0422bb9c65af280a26099
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://www.np-mylincolnportal.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 21 Sep 2026 17:25:53 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 0A94
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&k=2

0
387 B

16ms
16ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&k=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=99
Content-Length: 327

GET
H/1.1 200
OK ls_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937 Show response
cdn2.lfg.com/fp/ Frame AF4B 83 KB
12 KB 19ms
19ms Document
text/html 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

191457bc4a6db5e169e8761a75ab09fcb0e14159c5a84fefd931bc761b763c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cdn2.lfg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.np-mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=007f7f86a2d84e7daa85e6950929f078
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/

Response headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame 0A94 0
387 B 17ms
16ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jb=3334266c73633d356b3763306631633161616e3639303831336437606267626531353535626731

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937 Show response
h.online-metrix.net/fp/ Frame 01C5 96 KB
15 KB 94ms
18ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

415c46266ed33b60958256731aa11d413bed68d450bd5987204e238119ed9b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.np-mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/

Response headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame 0A94 0
387 B 16ms
16ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jd=353a26266a646e3f3b32266a66603d6131313f323b693d6963603134613031643a3b3a33353164323266303a3a3561266a6e746c3f303233303b323b30

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 0A94 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937 Show response
cdn2.lfg.com/fp/ Frame 6516 82 KB
13 KB 19ms
19ms Document
text/html 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/top_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

157f86acc0df2aa8f9164c656e63bbe88efbe1c4fdc559a7afd7f2d324b12a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cdn2.lfg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.np-mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=007f7f86a2d84e7daa85e6950929f078
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/

Response headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
cdn2.lfg.com/fp/ Frame 0A94 0
218 B 19ms
18ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&ja=313733352624633f38247a3d302e663f3336383270393a38302461643d333630327a333030322673787b3d3270322664707a3d332e313e323824393a30322c333632302c333032322c333630302e313038322c313638302e3332383224382438266f743f613a3832636061666335376464646464316761383439313635303e6031693f69266f6e3f34247363663f3036266e683d687674727b273341253a462730467f757f2666782d6f796e696c636f6e6c726d7276616c2e616f6f2d304663757b746d6f657a273a4e787d626e69612530466c6d656b6c2666723d26726c3f3b2470683d3f3864303869633e6a6b6e62673133336037333a35636730663362646032663c2468683d3c363630656b3a6b6c6b6b36303230653a66653a643130323434616163303530246a736f354c6b6c757024627b6a35436a726d6d672532323b31246a716f753d4e696c7d7a266a736a753f41687a6d656d2e6668613d36266c646d3f3a24767a663d45746125304e576e6b6e67776c246d6976607a353c303233663161326267613230653463633534303230306164313d353632316e663c3d303031363166366761613036666139366166626637303b333331393e612467783b3f3c3e6b6d31363830666763663a66346163333930396433323d613032643b636460613f643e6e3d3b26656c5d633f776560656e556560474c253030332632253230204f72676e4f4e2d3a384d53273232322c30253032416a726d6d69756f29556d60474c253a30454e5344273a384d5b253030332e322532322a4d72656c474c253030475b2732304744534e273238475b2d3a38312c302732324368706d6f6b756f295765604b6b7c5565624b61742730305f676a4f44494e454c475f6b6e7376636c6165665f617270617b7b273342253a30475a545760646d666c5f6f696c6d63782531402730304758545f616f6e67705f62756e6667705f6063646e576e6c6d6176253142253032475a545d666c6f63745d6a6e656e642d334027323847505c577c657a747772675f666b6e7667725d616e69716f767a6d7069632d3340273238554d4a4341545d455a545d74657a767770655d66696c76657057636e69736774706d7061612d3b4a2d32324f47535d656c676f676c745d696e6467785d7d6b6e74253b4227303047475b576e6a6f5d72676e6665725d6f6b726d63702533402530384d45535f7b74636c6469706c576c6d726b7663746b7665712731402530304f45515f766d7a7475726d5f646e6f69762d3b4a2d32324f47535d74657a767770655d666c6f63745d646b6e65617a253140253a32474d5b57746778767570655f6a636e645f646c6f617625314a2732304f4d535d766570767d7a6d5768636c645f646c6f63765d6e696c6561722733402d30304f455b5f7467727c677057697a7263795d6f606a65617627314227323057474245445d636f6c67725d60756e646d7a576e6c6d6176253142253032554742454c5f636d6d727a677373656c5f7667787c777a6d576d7461253142273230554740454c5d636f6d7272677b7165645f7c657a76757a67576d7c6b31273340253030574740454e5f616f6d707065717b67645f746d787677726d5d7b3b7c6b253142273232574540494b565f554542474e5f61676f7072657b7367665f7c67707c7d7a655d73317461253340273032574742474c5d64676a77675f726d6e6667726d705761666e6f273340253030574740454e5f66656275655f7160636465727b253140253a325f4d4a4f4c5d64677076685f76677a767570652533402530385545424b41545d55454a4544576c6d7076685d746778747770672733402532305545404f4e5f647269775d60756e646d7a7b2d3340253030554542454e5d6e6f71655f636d6e766d7a7425334a253032574d4043415c57574742454c5d6c6f71675d616f6c7465787625314a273230574d42454e5f6577647c615764706175313426676e5d6a3f34323732653037633f636233306b653061626b30383b386a6561633437323966613a6367363333612675676e7e3f496e746d6c273030416c6b262e7f676e723f496c74656e273032497069732530304d78676e474c2d3232476e6f6b666d2e6b63663d36&jb=313733266c733d4f6778696c6c692530443526322d3a3820576b6e666f75732530324c5625303031302c30273b402532305f696c34342d314a2d3a387834342b2530304172726e675767624b697625304e3733372e3b362730302049405c45442530432732326c6969672730304565636b6d29273a32436872676d6727324e3b3b263826343737352e3433253032516366637269253046373b352e3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:25:53 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
38u7vvifq735amrpaf4e4a6uu3apii6wpne6xhpeff6dc1ae20200022am1.e.aa.online-metrix.net/fp/ Frame 0A94 81 B
438 B 79ms
17ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://38u7vvifq735amrpaf4e4a6uu3apii6wpne6xhpeff6dc1ae20200022am1.e.aa.online-metrix.net/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 21d62ec129 Show response
bam.nr-data.net/1/ 57 B
322 B 399ms
100ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/21d62ec129?a=373156513&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=5097&ck=1&ref=https://www.np-mylincolnportal.com/customer/public/login&be=2206&fe=4496&dc=3437&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1632331548914,%22n%22:0,%22f%22:2043,%22dn%22:2043,%22dne%22:2043,%22c%22:2043,%22ce%22:2043,%22rq%22:2044,%22rp%22:2179,%22rpe%22:2180,%22dl%22:2183,%22di%22:3437,%22ds%22:3437,%22de%22:3438,%22dc%22:4496,%22l%22:4496,%22le%22:4521%7D,%22navigation%22:%7B%7D%7D&fp=3474&fcp=3474&jsonp=NREUM.setToken
Requested by: Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
cdn2.lfg.com/fp/ Frame 2B37 200 KB
28 KB 26ms
25ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/check.js?&pageid=99998&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/HP?session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b6bfc8f895419c266785c4b54329bdaa5b0b936af578820b9d5d4dc836b2f755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn2.lfg.com/fp/HP?session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: ff6dc1ae20200022
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=97
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame AF4B 0
387 B 16ms
16ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jf=3334266c73603d3269373632383c363661616c36393d6d6a6635646135633634633a3337336030

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937
cdn2.lfg.com/fp/ Frame 0A94 0
400 B 18ms
17ms Image
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.lfg.com/fp/clear1.png;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jf=34333826736b645d7a6c643d746c725d433546494d6a6a446e446b417730796824716b665f666174653f31343b303333313d353624736166577c7178653f77676238656366716324736b645f6b67793f3b32353933383131323638353a69303e343a63673366303232333234303a32613834343a6b673364303b3033323738313c3a383830363035623763306636313b613b6339323634343f363837623d31603033396330316c3b663066343336313066303431393065656463343a3b336564663d626167656d6638313a6931633561363238316033603b373239323333346069346632393a37643a666966693c6a3a3934346031323562633a3a34303434633233386769632673696c5f716b673531383c3e3832303132306163313a3163306167356232323163393537373730313a33346e606b6d6c3d306736323663653237673467333b6332313264676a646136663f643a33336b6431383a3a313230663267306360613b3b37606538323063316d363365653d6564313069376c6e3d6e393a3331643530386431666764333539613b303569636136636b636636356d247b616e7a3d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=9A814142FA24FA77270B5764A541A782
h.online-metrix.net/fp/ Frame 01C5 0
400 B 18ms
18ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=9A814142FA24FA77270B5764A541A782?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jf=34333826736b645d7a6c643d746c725d6b67596e46594c615470396371344a6a24716b665f666174653f31343b303333313d353624736166577c7178653f77676238656366716324736b645f6b67793f3b32353933383131323638353a69303e343a63673366303232333234303a32613834343a6b673364303b3033323738313c3a38383036366765373461313537603733303633376166313539353139383b3b326d676b31313a6660383a303032616136673366333834353463363c3732613938656734383d6138383e3e303b313466343063646667326163653834343531383b6161323c653164626e643169303b62316167623134643a67343730333833323165666c362673696c5f716b673531383c3e383230313230676636613b606738316466643537663e3b6231356d3535636669326a3f6b6a38343360363130613b6332323732386438363361383636666138336036353c3a6d383a3a31323067623431393a3b343136313439623a613a30363534353a633635353b353f39386b333662373167363860353632383530623734633630343564666a373233653b247b616e7a3d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=72FD373AB9CD3DDD35639DD33E4EE937?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=698F7B5A6CEA9FF272A1528F29F1DD1F Show response
cdn2.lfg.com/fp/ Frame 2B37 35 B
557 B 19ms
18ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/ARF;CIS3SID=698F7B5A6CEA9FF272A1528F29F1DD1F?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&pageid=99998&sera_parametere=ABYLUFACAANRUwoGBwYHB18HBlJRAgcBA1VTBAcDUAIHAFRTBlNSUQVVCxZDQw9bCBZDEBAUUiEXB3AVB3QXAFYMRQEPVAwAXERBFQN0FwUkVhNTJxRTVVpfQURDFQF2Q1F0QVR1RwFbDQUACQhXCwJUVAEHBQdSVFQKBVUBVwJeUgZSUlUFBwEIClNVA1YEAAAQCgxfAgAPVlQGVFMDUwNUBlZTAVFXABZYQw0ASgoEXw4HBlRZAwFUClEDAQVTX1MDB1dSAAAEVFBSA1JRUFRUDlFWBFFDU1kPAQADBwtAD19ZTgBHFVsNCwkJCQoUDg0LQgEMIg1AX19VFlJED19VEAYMQlwpW15HSBZTUA8SAkw7AFANCVBRUVsWVUYPVFcH&count=0&max=0

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/check.js?&pageid=99998&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7d397eb8da008548acad75a27664561a9add8607fd429bfe8be769022a68a2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn2.lfg.com/fp/HP?session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&org_id=38u7vvif&nonce=ff6dc1ae20200022&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=91
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame 0A94 0
387 B 16ms
16ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=38u7vvif&session_id=a2e442ec-75d0-4265-b999-e7e6e70e67bb&nonce=ff6dc1ae20200022&jac=1&je=31353426267565607a76635f65707467706e696e57617835373a2e36372c32303a2c303b2675696d3d7565607a76635f69667467706e696e57656c667324706f3d6c6f2660637671743f7b226c67766764203a312e38302e20737c637c7d7b2a3a20636a617067696c65207f26637564683f63676e606165343f383435376e323a6e6a6a643b3731363337363b306660643b6336343730606e373634313e363b67626d64393d313d61603736356332313335

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:25:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 201 i Show response
r.lr-ingest.io/ 3 KB
3 KB 1218ms
542ms XHR
application/json 104.198.23.205

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=o1n3rt%2Fmy-lincoln-portal-non-prod&r=4-440fb32f-182d-444c-ada9-b41a6bb9d24c&t=d3dbd8f8-79cc-4bf8-b108-dd6df4078003&s=0&rs=0%2Cu

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.198.23.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.7 / Express

Resource Hash

997424a199bfaa7ca7055183ebdca7e361dbfc1b1653e747d36329bb972fe3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:57 GMT
etag: W/"b7a-WAuCs3KxwlKEnzaCLIU9Be5YNXg"
server: nginx/1.17.7
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length: 2938

GET
H2 200 / Show response
znb8jq3jen9fbfxzn-lfg.siteintercept.qualtrics.com/SIE/ 7 KB
4 KB 119ms
30ms Script
application/javascript 104.17.209.240

General

Check archive.org

Show headers Download Go to

Full URL

https://znb8jq3jen9fbfxzn-lfg.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_b8jq3jEn9FBfXzn

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN (),

Reverse DNS

Software

cloudflare / Express

Resource Hash

36b75916caa8d3ecb46e77bbc6155d99526d426841d8fc90b53fda2fe745963c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 448037
cf-polished: origSize=8383
edge-control: max-age=604800
x-envoy-upstream-service-time: 6
vary: Accept-Encoding
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"20bf-M9Joj937J//2ganhR8tAuvfs/+s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 692d3c494f0f145a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 11.51290930e240602a8b51.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 55 KB
17 KB 30ms
29ms Script
application/javascript 104.17.209.240

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.51290930e240602a8b51.chunk.js?Q_CLIENTVERSION=1.60.0&Q_CLIENTTYPE=web&Q_BRANDID=www.np-mylincolnportal.com

Requested by

Host: www.np-mylincolnportal.com
URL: https://www.np-mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN (),

Reverse DNS

Software

cloudflare / Express

Resource Hash

90f2249bb80cf35b78c51ced9a8f54ddcb3397f0e3bb5ffeb7b422309a54f008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.np-mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 580003
cf-polished: origSize=56726
cf-ray: 692d3c497f71145a-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
last-modified: Wed, 08 Sep 2021 19:26:40 GMT
server: cloudflare
x-powered-by: Express
etag: W/"dd96-17bc6e06580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

POST Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_b8jq3jEn9FBfXzn&Q_CLIENTVERSION=1.60.0&Q_CLIENTTYPE=web

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.np-mylincolnportal.com/	1970-01-20 06:11:07	Name: utag_main Value: v_id:017c0e8ad3cb00759608eb1fbd7c03072003806a00b08$_sn:1$_se:1$_ss:1$_st:1632333351692$ses_id:1632331551692%3Bexp-session$_pn:1%3Bexp-session
.np-mylincolnportal.com/	1970-01-20 14:56:43	Name: _ga Value: GA1.2.1442485721.1632331553
.np-mylincolnportal.com/	1970-01-19 21:26:57	Name: _gid Value: GA1.2.745948822.1632331553
www.np-mylincolnportal.com/	1970-01-19 21:26:57	Name: _lr_tabs_-o1n3rt%2Fmy-lincoln-portal-non-prod Value: {%22sessionID%22:0%2C%22recordingID%22:%224-440fb32f-182d-444c-ada9-b41a6bb9d24c%22%2C%22lastActivity%22:1632331552611}
www.np-mylincolnportal.com/	1970-01-19 21:26:57	Name: _lr_hb_-o1n3rt%2Fmy-lincoln-portal-non-prod Value: {%22heartbeat%22:1632331552612}
www.np-mylincolnportal.com/	1969-12-31 23:59:59	Name: _lr_uf_-o1n3rt Value: 854aee6b-648a-42b6-92f2-c884450f4924
cdn2.lfg.com/	1970-01-21 16:37:31	Name: thx_guid Value: 007f7f86a2d84e7daa85e6950929f078
h.online-metrix.net/	1970-01-21 16:37:31	Name: thx_global_guid Value: 258e1134bd17458ab27a56235baa28cf
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9a1a7ad7a18729dd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.np-mylincolnportal.com/customer/public/login Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://www.np-mylincolnportal.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38u7vvifq735amrpaf4e4a6uu3apii6wpne6xhpeff6dc1ae20200022am1.e.aa.online-metrix.net
bam.nr-data.net
cdn.lr-ingest.io
cdn2.lfg.com
fonts.googleapis.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
js-agent.newrelic.com
np-mylincolnportal.com
provider-auth.np-mylincolnportal.com
r.lr-ingest.io
siteintercept.qualtrics.com
tags.tiqcdn.com
www.google-analytics.com
www.np-mylincolnportal.com
znb8jq3jen9fbfxzn-lfg.siteintercept.qualtrics.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
siteintercept.qualtrics.com
104.17.209.240
104.198.23.205
151.101.2.137
162.247.242.20
184.30.24.194
2606:4700:3033::ac43:a339
2a00:1450:4001:810::200e
2a00:1450:4001:830::200a
3.18.125.236
52.206.52.126
52.72.167.98
91.235.132.130
91.235.133.31
91.235.134.131
06779fdc25ee45738fce2063846c71b7863a8f6bba2492989cf6d454b0e5a3bb
157f86acc0df2aa8f9164c656e63bbe88efbe1c4fdc559a7afd7f2d324b12a79
191457bc4a6db5e169e8761a75ab09fcb0e14159c5a84fefd931bc761b763c53
1a7c5013dde60b9ffa3eaeba84739f27e81d715ffd6d6a0be3cf10b70284a065
1b31e52c2ce14f65d0cb11d7bfd5a0a5fc4cb4e9b4aa48ee28b51d6dd0bf0d37
2063b2ffa6ce1856c38c1c6c0bbcdac000e52361196c6ef554f7bb2b9e1e538c
2452389dcdb85f40540b5d6a42a1ca9ef8931884416a903d373e56cf611435ca
300a63d262f589afa9538674500b78482df2b3e0efda5f3072b95047a2058666
3180aff69f8beeccdcafeb373f226a9e55a36fc30282ca0ed8a651b49c600756
36b75916caa8d3ecb46e77bbc6155d99526d426841d8fc90b53fda2fe745963c
415c46266ed33b60958256731aa11d413bed68d450bd5987204e238119ed9b98
4512fefcb560f60eb68a37b548a8b5b1fb151cdfdaa7cc59d2557349fb384158
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58150ab06b7e86c1bf0006d0dbe4ec2f20a8b13291e07b0af122dec4f360a20e
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
6bd25f0aa4a81efaab494d6648ff7e086e42d2df20b01051e3d6ddd97cdb253b
7d397eb8da008548acad75a27664561a9add8607fd429bfe8be769022a68a2ae
8790e663bbb4530931609e62b7682bf6adb67837b93978a41cf66cc49b0aebf8
90007c8a253628acdbcfe10f3d6078f9097474c287c58f1a96ccf88905fb39bd
90f2249bb80cf35b78c51ced9a8f54ddcb3397f0e3bb5ffeb7b422309a54f008
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
997424a199bfaa7ca7055183ebdca7e361dbfc1b1653e747d36329bb972fe3f3
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b6bfc8f895419c266785c4b54329bdaa5b0b936af578820b9d5d4dc836b2f755
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bef654a28cb715bee8b9919c49f5cfbd785c2dabaf8a7a097da525ca9d22f6
e406e68b7577854cfc6104b4178b39e2ff25a4f52ec9eda1e00fbcfa645aa7dc
e95f071d48bc4308e6fc1c543f9e13318305511e0269ddb3ec417b6cb38b4f36
e9834d6f7dd4ad10ceb877494abe13cc5b18bc1f95b8e8b918ef6e553c54043d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.np-mylincolnportal.com Open in urlscan Pro 52.206.52.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

21 %IPv6

11 Domains

16 Subdomains

13 IPs

2 Countries

2382 kBTransfer

9230 kBSize

9 Cookies

9 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.np-mylincolnportal.com Open in urlscan Pro
52.206.52.126 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

21 %
IPv6

11
Domains

16
Subdomains

13
IPs

2
Countries

2382 kB
Transfer

9230 kB
Size

9
Cookies

41 HTTP transactions
2 data transactions