www.mylincolnportal.com Open in urlscan Pro
35.170.116.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.mylincolnportal.com/
Effective URL:
https://www.mylincolnportal.com/customer/public/login
Submission: On September 20 via automatic, source certstream-suspicious (September 20th 2021, 9:03:25 pm UTC) — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 35.170.116.59, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.mylincolnportal.com.
TLS certificate: Issued by Amazon on July 3rd 2021. Valid for: a year.

This is the only time www.mylincolnportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.16.184.248 104.16.184.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.87.43.132 54.87.43.132	14618 (AMAZON-AES) (AMAZON-AES)
1 7	35.170.116.59 35.170.116.59	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
3	184.30.24.194 184.30.24.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.67.163.57 172.67.163.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
16	91.235.133.31 91.235.133.31	30286 (THM) (THM)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	104.198.23.205 104.198.23.205	() ()
39	12

1 104.16.184.248 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.mylincolnportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.43.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-43-132.compute-1.amazonaws.com

mylincolnportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.170.116.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-116-59.compute-1.amazonaws.com

www.mylincolnportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.163.57 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.133.31 (United States)

ASN30286 (THM, US)

cdn2.lfg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

4y498eekpxzfif5q6sghnyaygv5x5plcee7hokqc29aecf5c0febf2e7am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (None, )

ASN- ()

r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	lfg.com cdn2.lfg.com	123 KB
9	mylincolnportal.com 3 redirects auth.mylincolnportal.com mylincolnportal.com www.mylincolnportal.com	2 MB
5	online-metrix.net 1 redirects h.online-metrix.net 4y498eekpxzfif5q6sghnyaygv5x5plcee7hokqc29aecf5c0febf2e7am1.e.aa.online-metrix.net	16 KB
3	tiqcdn.com tags.tiqcdn.com	18 KB
2	nr-data.net bam.nr-data.net	544 B
2	lr-ingest.io cdn.lr-ingest.io r.lr-ingest.io	165 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	newrelic.com js-agent.newrelic.com	14 KB
1	google-analytics.com www.google-analytics.com	20 KB
0	Failed function sub() { [native code] }. Failed
39	10

	Domain	Requested by
16	cdn2.lfg.com	www.mylincolnportal.com cdn2.lfg.com
7	www.mylincolnportal.com	1 redirects www.mylincolnportal.com
4	h.online-metrix.net	1 redirects cdn2.lfg.com
3	tags.tiqcdn.com	www.mylincolnportal.com
2	bam.nr-data.net	www.mylincolnportal.com
2	fonts.googleapis.com	www.mylincolnportal.com
1	r.lr-ingest.io	www.mylincolnportal.com
1	4y498eekpxzfif5q6sghnyaygv5x5plcee7hokqc29aecf5c0febf2e7am1.e.aa.online-metrix.net
1	js-agent.newrelic.com	www.mylincolnportal.com
1	www.google-analytics.com	www.mylincolnportal.com
1	cdn.lr-ingest.io	www.mylincolnportal.com
1	mylincolnportal.com	1 redirects
1	auth.mylincolnportal.com	1 redirects
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	cdn2.lfg.com
39	14

This site contains no links.

Subject Issuer	Validity	Valid
*.mylincolnportal.com Amazon	`2021-07-03` - `2022-08-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn2.lfg.com DigiCert SHA2 Extended Validation Server CA	`2021-01-23` - `2022-02-22`	a year	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
api.logrocket.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.mylincolnportal.com/customer/public/login
Frame ID: 14CB9DC81AEDA30AADC925457D2BFD5F
Requests: 20 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/check.js;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jb=363b262668716777354e61667770266a716d3544696c777024687360773f4368726d6d67246873623f416070676f6d2d30383933
Frame ID: ACAB4F1C34E9EA83B502A73E938C51C1
Requests: 12 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/HP?session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 5789CEF8540CD0E0CD9E00B0A07EE502
Requests: 3 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7
Frame ID: BA078462FCCB3CD5F5589AEAA0DC9CF1
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7
Frame ID: 0623DF09D53D60002173824147457AAA
Requests: 2 HTTP requests in this frame

Frame: https://cdn2.lfg.com/fp/top_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7
Frame ID: 994F4F4380C011D90A7C094C0BB0E02C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Lincoln Portal® | Lincoln Financial Group

Page URL History Show full URLs

https://auth.mylincolnportal.com/ HTTP 302
https://mylincolnportal.com/ HTTP 301
https://www.mylincolnportal.com/ HTTP 301
https://www.mylincolnportal.com/customer/public/login Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^(?:https?:)?//tags\.tiqcdn\.com/

Page Statistics

39
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

2373 kB
Transfer

9175 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.mylincolnportal.com/ HTTP 302
https://mylincolnportal.com/ HTTP 301
https://www.mylincolnportal.com/ HTTP 301
https://www.mylincolnportal.com/customer/public/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://h.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&k=2

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.mylincolnportal.com/customer/public/
Redirect Chain

https://auth.mylincolnportal.com/
https://mylincolnportal.com/
https://www.mylincolnportal.com/
https://www.mylincolnportal.com/customer/public/login

31 KB
12 KB

132ms
132ms

Document
text/html

35.170.116.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.116.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-116-59.compute-1.amazonaws.com

Software

Resource Hash

90007c8a253628acdbcfe10f3d6078f9097474c287c58f1a96ccf88905fb39bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.mylincolnportal.com
:scheme: https
:path: /customer/public/login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 20 Sep 2021 21:03:19 GMT
content-type: text/html
access-control-expose-headers: mlp-trace-id
last-modified: Thu, 16 Sep 2021 14:09:41 GMT
etag: "5b91cfc061d5fff9c64c3fe0c088b832"
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-key: customer/public/login
x-amz-request-id: BQ81VHA6RYHHJ1QB
x-amz-id-2: ueBonPtb5txVp2FJieLuofgwzX7x1yeGwb/+Uxog5Sw2VRE38AzXiTdhv3dxV8E5nfprJ9EbQoQ=
content-security-policy: frame-ancestors 'self'
x-frame-options: DENY
mlp-trace-id: 70ce21cba172eb46
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains

Redirect headers

server: awselb/2.0
date: Mon, 20 Sep 2021 21:03:19 GMT
content-type: text/html
content-length: 134
location: https://www.mylincolnportal.com:443/customer/public/login

GET
H2 200 css
fonts.googleapis.com/ 7 KB
835 B 39ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600|Ubuntu:400,500

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

d699de17ba0586913d99d0da680fb699dbc5f36e3ca5af63bc2da05b895636a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:03:19 GMT
server: ESF
date: Mon, 20 Sep 2021 21:03:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 21:03:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 38ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital@0;1&display=swap

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

e95f071d48bc4308e6fc1c543f9e13318305511e0269ddb3ec417b6cb38b4f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:03:19 GMT
server: ESF
date: Mon, 20 Sep 2021 21:03:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 21:03:19 GMT

GET
H2 200 main.css
www.mylincolnportal.com/customer/ 184 KB
60 KB 123ms
122ms Stylesheet
text/css 35.170.116.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mylincolnportal.com/customer/main.css

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.116.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-116-59.compute-1.amazonaws.com

Software

Resource Hash

2063b2ffa6ce1856c38c1c6c0bbcdac000e52361196c6ef554f7bb2b9e1e538c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /customer/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.mylincolnportal.com
referer: https://www.mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/customer/public/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: BQ8AG8WJ77TMM6VW
x-amz-id-2: 9krUZM52jKBv0k4p7m8gHCcUU5JbQr4L2TqW/85l7YAZuAOT/ZWbu/zxl0KodXkTQ+grSgOiI6g=
pragma: no-cache
expires: 0
last-modified: Thu, 16 Sep 2021 14:09:41 GMT
x-frame-options: DENY
etag: "c760b23d0b966a488078e6077c273961"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
mlp-trace-id: df5beb77e9c303d2
access-control-expose-headers: mlp-trace-id

GET
H2 200 transformed.1d818eb4b2a8f97f9c78.js Show response
www.mylincolnportal.com/customer/ 7 MB
2 MB 223ms
223ms Script
application/javascript 35.170.116.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mylincolnportal.com/customer/transformed.1d818eb4b2a8f97f9c78.js

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.116.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-116-59.compute-1.amazonaws.com

Software

Resource Hash

3180aff69f8beeccdcafeb373f226a9e55a36fc30282ca0ed8a651b49c600756

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /customer/transformed.1d818eb4b2a8f97f9c78.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.mylincolnportal.com
referer: https://www.mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/customer/public/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: BQ88J4D2ARAKXQTD
x-amz-id-2: tK1ZIRtAX7khqFr23OGeLu6ddSdfjNDG+TbUas4ZiCIAxONXINb9qLEKk4ficOA5MrH+3RCGhq0=
pragma: no-cache
expires: 0
last-modified: Thu, 16 Sep 2021 14:09:41 GMT
x-frame-options: DENY
etag: "4d0fa5ffe02f83d90dd71b1ff1ed43d2"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
mlp-trace-id: d6ccc5e2ab4f465c
access-control-expose-headers: mlp-trace-id

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/lfg/mlp/prod/ 37 KB
12 KB 77ms
12ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/lfg/mlp/prod/utag.js
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4dc734be40ce8219391e9fbe45c3bc7c594a31dc0411f78a6c8a36a15d4e53ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:19 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 14:28:31 GMT
server: AkamaiNetStorage
etag: "44bed9e3ddc27a88c9a198c4f450646c:1629988111.84852"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 11719
expires: Mon, 20 Sep 2021 21:08:19 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 753 KB
154 KB 87ms
31ms Script
text/javascript 172.67.163.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.163.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130f736f0288c3b754a021ae6fed840f4f3d95ba361227d8b4ef40197d6a4649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31556926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19168-FRA
last-modified: Mon, 20 Sep 2021 20:24:01 GMT
server: cloudflare
x-timer: S1632169560.210958,VS0,VE1
etag: W/"531ecea99487396a477f42998d0d538db98168a506bb5bb6dfd0dc67bdb13d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRtUC6nnDi46eqMaun7GfIOdQONs9XyEAHVVpug61AM5RR3VZBqlyTodKzI3PKUoFKDEFWCsQxzVFD1te6VpTzVb6A0NrKHR2v46ruvjFXS24sRf8qOAFGhxWisg4byAH3tT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 691dfff92d0a2774-PRG
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 49ms
13ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 680
date: Mon, 20 Sep 2021 20:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 20 Sep 2021 22:52:00 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58150ab06b7e86c1bf0006d0dbe4ec2f20a8b13291e07b0af122dec4f360a20e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 portal-status Show response
www.mylincolnportal.com/ 63 B
360 B 103ms
102ms XHR
application/json 35.170.116.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mylincolnportal.com/portal-status

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.116.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-116-59.compute-1.amazonaws.com

Software

Resource Hash

6bd25f0aa4a81efaab494d6648ff7e086e42d2df20b01051e3d6ddd97cdb253b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /portal-status
pragma: no-cache
cookie: utag_main=v_id:017c05053393000e50fa45a18dd003072003506a00b08$_sn:1$_se:1$_ss:1$_st:1632173599444$ses_id:1632171799444%3Bexp-session$_pn:1%3Bexp-session
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.mylincolnportal.com
referer: https://www.mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.mylincolnportal.com/customer/public/login
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 21:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 utag.72.js Show response
tags.tiqcdn.com/utag/lfg/mlp/prod/ 24 KB
6 KB 9ms
9ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/lfg/mlp/prod/utag.72.js?utv=ut4.46.202012111411
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4512fefcb560f60eb68a37b548a8b5b1fb151cdfdaa7cc59d2557349fb384158

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:20 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 14:11:20 GMT
server: AkamaiNetStorage
etag: "4ef54a36cb6f6e594eec0452664fd67f:1607695880.207707"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 5998
expires: Tue, 05 Oct 2021 21:03:20 GMT

GET
H2 200 5a1a2888585a17c688b83daa89b215b9.woff
www.mylincolnportal.com/customer/ 45 KB
25 KB 128ms
128ms Font
binary/octet-stream 35.170.116.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mylincolnportal.com/customer/5a1a2888585a17c688b83daa89b215b9.woff

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/main.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.116.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-116-59.compute-1.amazonaws.com

Software

Resource Hash

e406e68b7577854cfc6104b4178b39e2ff25a4f52ec9eda1e00fbcfa645aa7dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.mylincolnportal.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: utag_main=v_id:017c05053393000e50fa45a18dd003072003506a00b08$_sn:1$_se:1$_ss:1$_st:1632173599444$ses_id:1632171799444%3Bexp-session$_pn:1%3Bexp-session
:path: /customer/5a1a2888585a17c688b83daa89b215b9.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.mylincolnportal.com
referer: https://www.mylincolnportal.com/customer/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.mylincolnportal.com/customer/main.css
Origin: https://www.mylincolnportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: XT16R3CZ5865DZHB
x-amz-id-2: fM2LgmW2d2S0skIoVNI1GWhhvq4uD/FwfpQtYAixgWoGxR85pqRZS8qh09IGXkj5jcVo2IDHQu4=
pragma: no-cache
expires: 0
last-modified: Thu, 16 Sep 2021 14:09:41 GMT
x-frame-options: DENY
etag: "4372d19a142438a10db7fcb36629cf16"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
mlp-trace-id: 93c94ca53c49eec8
access-control-expose-headers: mlp-trace-id

GET
H/1.1 200
OK tags.js Show response
cdn2.lfg.com/fp/ 80 KB
11 KB 483ms
15ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/tags.js?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

17561b2efb43d48add31a6034f210ab0b9a91b9057310e19ed84317240cae7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 active Show response
www.mylincolnportal.com/mlp-ui-service/services/v1/notifications/ 2 B
401 B 107ms
107ms XHR
application/json 35.170.116.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mylincolnportal.com/mlp-ui-service/services/v1/notifications/active?functionalArea=LOGIN

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.116.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-116-59.compute-1.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /mlp-ui-service/services/v1/notifications/active?functionalArea=LOGIN
pragma: no-cache
cookie: utag_main=v_id:017c05053393000e50fa45a18dd003072003506a00b08$_sn:1$_se:1$_ss:1$_st:1632173599444$ses_id:1632171799444%3Bexp-session$_pn:1%3Bexp-session; _ga=GA1.2.765371897.1632171801; _gid=GA1.2.1557676623.1632171801; _lr_tabs_-o1n3rt%2Fmy-lincoln-portal-production={%22sessionID%22:0%2C%22recordingID%22:%224-71d2ec37-5c18-47e5-a83d-259d01a49aa1%22%2C%22lastActivity%22:1632171800749}; _lr_hb_-o1n3rt%2Fmy-lincoln-portal-production={%22heartbeat%22:1632171800750}
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.mylincolnportal.com
referer: https://www.mylincolnportal.com/customer/public/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.mylincolnportal.com/customer/public/login
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 21:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
access-control-expose-headers: mlp-trace-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000 ; includeSubDomains
mlp-trace-id: 3be9d33bfe8615e7
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
7ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lfg/mlp/202108261428&cb=1632171800761
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:20 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 20 Sep 2021 21:13:20 GMT

GET
BLOB 200
OK 82035345-c3e2-4a04-a9f6-643719912992
https://www.mylincolnportal.com/ 426 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.mylincolnportal.com/82035345-c3e2-4a04-a9f6-643719912992
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fee48c15dcdd7513adbb2b04ed923b7fcaede3b3bd29d825c2dadbb829fc752a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 436210

GET
H2 200 nr-spa-1184.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 22ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "6b93dbf34696df852c6d69d1652851de"
x-amz-request-id: 2W1BW58DCX2EWQ68
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14379
x-amz-id-2: Kxg6xllJVmvzvIiHSO47iXWz54eKCZ+ia37G6R0Zd4XtHGKc6W1tDJqKp09zBtkj+zNqbn795dg=
x-served-by: cache-fra19146-FRA
last-modified: Mon, 28 Sep 2020 16:34:47 GMT
server: AmazonS3
x-timer: S1632171801.266061,VS0,VE0
date: Mon, 20 Sep 2021 21:03:21 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 100

GET
H/1.1 200
OK check.js;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4 Show response
cdn2.lfg.com/fp/ Frame ACAB 259 KB
49 KB 22ms
21ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/check.js;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jb=363b262668716777354e61667770266a716d3544696c777024687360773f4368726d6d67246873623f416070676f6d2d30383933

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/tags.js?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2bba399ff120d8f34590ffc305f4144e48b363c4353b7dcb0038d5cee9d2daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 29aecf5c0febf2e7
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
cdn2.lfg.com/fp/ Frame ACAB 81 B
475 B 12ms
12ms Image
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
cdn2.lfg.com/fp/ Frame ACAB 81 B
474 B 25ms
12ms Image
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 21d62ec129 Show response
bam.nr-data.net/1/ 57 B
322 B 424ms
106ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/21d62ec129?a=373156804&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=3030&ck=1&ref=https://www.mylincolnportal.com/customer/public/login&be=1114&fe=3002&dc=2302&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1632171798245,%22n%22:0,%22f%22:956,%22dn%22:956,%22dne%22:956,%22c%22:956,%22ce%22:956,%22rq%22:957,%22rp%22:1089,%22rpe%22:1090,%22dl%22:1093,%22di%22:2302,%22ds%22:2302,%22de%22:2303,%22dc%22:3002,%22l%22:3002,%22le%22:3017%7D,%22navigation%22:%7B%7D%7D&fp=2329&fcp=2329&jsonp=NREUM.setToken
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
cdn2.lfg.com/fp/ Frame 5789 19 KB
6 KB 14ms
14ms Document
text/html 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/HP?session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

952dc5f26596dcc7dc341808ab79d985a142fdcf8a748b113dddad153c87d2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cdn2.lfg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=543b33ef7fb140748c38c398e1eeb5a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/

Response headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5791
Keep-Alive: timeout=2, max=98

GET
H/1.1 200
OK clear.png Show response
cdn2.lfg.com/fp/ Frame ACAB 81 B
539 B 38ms
12ms XHR
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/check.js;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jb=363b262668716777354e61667770266a716d3544696c777024687360773f4368726d6d67246873623f416070676f6d2d30383933

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 4y498eek/29aecf5c0febf2e7cb54b782-f882-407c-81b6-265b770a1242
Referer: https://www.mylincolnportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Last-Modified: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Etag: 5b72d645a94547fca6fc7ab313bfeda0
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://www.mylincolnportal.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 19 Sep 2026 21:03:21 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame ACAB
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&k=2

0
387 B

13ms
13ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&k=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 327

GET
H/1.1 200
OK ls_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4 Show response
cdn2.lfg.com/fp/ Frame BA07 83 KB
12 KB 15ms
15ms Document
text/html 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7cd0dc1c2932ab27862d48f094d3d1d7783be00c664d5f51c9ddfa3a479c959d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cdn2.lfg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=543b33ef7fb140748c38c398e1eeb5a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/

Response headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame ACAB 0
387 B 12ms
12ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jb=3134266c716335326d323e3934693965603a6a3c3463636a67303431666039336130643b606062

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4 Show response
h.online-metrix.net/fp/ Frame 0623 96 KB
14 KB 54ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

87c6cc62f844bc73e8afef51778c74d8a9cc511cdd80a4a561db856f3c34b326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/

Response headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame ACAB 0
387 B 13ms
13ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jd=373a26266864663f3b322e6264603d6331333f38336337696160313463303164383b3833373164323066383a3a35692e686e746e3f3232393330383b32

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame ACAB 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4 Show response
cdn2.lfg.com/fp/ Frame 994F 82 KB
13 KB 16ms
15ms Document
text/html 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/top_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f9daf732d10d65a32af192bf12561a76be553f448f436eb9019a8d9b64c323de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cdn2.lfg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.mylincolnportal.com/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=543b33ef7fb140748c38c398e1eeb5a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/

Response headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
cdn2.lfg.com/fp/ Frame ACAB 0
218 B 13ms
13ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&ja=3337333224246b3f38247235322e663d3334383878333038322461643f333630307a3130323226737a7b353270322e6c727a3d312e333e38302e333a32322c333432302c313030322e333630322e3930383224393438302c333038382c322e38246f743f633a3832616063666135376466646c64316769303639313435323e6a39633569246f6e3f36247363643f3236246e683d6a767c727b273b49273a462530447f7f772c6f716e6b6e616d6e6e706f7074636e2c636f6f273a446b777b7c6d65657227304e7875606e61612732446e6d67696e2464703f24706c3f312e72603f3f30643a386163346a6b6660673933316235313a3761653264316066623266362e6a603f303d316a323736333c386534663f603a303b67663438633362373331376266372e687b6d35446b66757824687b6a3d416a7a6d6f6527303239332668736d773f4c696c77702462716a7d3f4b68726d6f6d2e6e6a613536246e666f3f38267478643f4776632530445d6c636c677f6c2e6d61766a7a353432323b66336330606763303267366161373630323a3a636c333d3d3638316666363d30383336396634656363303464633b34636460643730313931393b3e69246d78333f363e6b6533363030646561643a64366361313b323b663332376b323a663b6b646a613764346e3d332465645d613d756760676c576762454e273230332c38273a322047726d6e474e273a384551273a32302e322730304368706f6f6b776d2955676a4544273a384544534c2730384d53273038332c30273032284f70676e454e27323047512d303845445b4e2d323047512d3a30332c38273030416a706f6d69776d2b5567624b6b765f676a49617c273a305767604f44414c4544475d696c7176616e6367645d637072617b712d314a273a384750545f606e6d66645d6f616c6f617a273142253232455a565d636f6e6d7a5d6a776e6e677a5f68636e6e57666e6d69762733402730304558565f646e6d61745d60646766662d3b402d3230475a5c5774677a7c7770655d646b6c7465705f636c6b736f7670677261612d3b402d323055474a4349565d4d5a565f76677a747572675f646b6e7465705d696c6171677c7067706961273b4a2530324747515f676e676d656e765f6b6c6665785d77616c7c273b4a273a304f4751576e626d5d7a676c6467705d6d69706f617227314225303247475b5d7b7c636664617066576c65706b7e6376697467712533422732324d47535f766770767d706d5764646f6176273b4a2530324747515f76677a747572675f646e6d61745d6e616c6d637a2d314a2532324d4d5b5f766770767772675d6a616c665d666e6d63742531402d30384d4d5b5d7c657876777a6d5f6a6364645d666e6d63745f6c6b6e676370253340273a3247475b57746d7274677a5769727063715d6d6268676174253340253032554542454e5761676e677a5d6a756664677a57666e6d6976273340273030574540474e5d616f6d72706d717b676c57766d787477706d576576612d3140253032554542474e5f616d6f707267717b676c5d7c6d7a7c7572675d6d7c6333273b40273232554742474c5d636d6f72726571716d6657766d70767d72655d713b7c6327314a2730305547404b49545d574740454c5f616d65727a677b7b676c5f74677a7c7d72675d7b317663273140253230554540454e5f6467607d6557706d66666d7265705d6166666d273b40273232554742474c5d64676077675f716a69666d707b2d314a253232554d4a474e5d6c6772746a5d766578747772672731422530325f474a49415c5d5f4542454e576c657276605d76657a7677726525314227303257454045445d6c70697f5d6a756664677a7b2531402d3032574740454c5f6c6d73675d616f6e766770762d314a2d303857454049415c5f55474a454e5f6e6d71655f636d6e76677a742531402d3038554d4a45445f6d776e7c615f66706975333624656e5f683d36303530673237633569603b326b6d306b626330323b386267616b3435303b6461386165343131632477676e74354b66766d64273a30496c61262e77656e7a3f4b6e76676e2532304b726b712732304d726d6c4f4e2d3a324d6e676b6c6d2e6361663530&jb=333733266e73354f677861646e6925324437263825303220556b6e666d75732532324e5627303031322c38273b402d3a325f696e34362d3b422730387a34342b2730304170726c675567624b6b762d304e373b3f2c3b36253032204348564f442730432730326c696b67253032456563696d21273a324b6070676d6527304e31332c3226363737352c343325323253636463726927304e373b35263b34

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 21:03:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
4y498eekpxzfif5q6sghnyaygv5x5plcee7hokqc29aecf5c0febf2e7am1.e.aa.online-metrix.net/fp/ Frame ACAB 81 B
438 B 60ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4y498eekpxzfif5q6sghnyaygv5x5plcee7hokqc29aecf5c0febf2e7am1.e.aa.online-metrix.net/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
cdn2.lfg.com/fp/ Frame 5789 200 KB
28 KB 18ms
18ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/check.js?&pageid=99998&session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/HP?session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e8d7307a426a261cca6d374853f2e0a92fe2b8aba42cf80a9bb04ef6f94f59c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn2.lfg.com/fp/HP?session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 29aecf5c0febf2e7
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=94
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame BA07 0
387 B 13ms
12ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jf=3134266c7160356131323b3b3b6c65303734393c33313330363139343b303234343b6463303631

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn2.lfg.com/fp/ls_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4
cdn2.lfg.com/fp/ Frame ACAB 0
401 B 15ms
15ms Image
image/png 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.lfg.com/fp/clear1.png;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jf=36333426716b6c5d7a6c6c35766c725f48465d7f7875577a527b674876684a7a267169665d666174673f39343b30393f333030312471616c5f767b78673f77676038656364716124716b645f6967713f3b323d31313831333234383f32633a3e363a63673166303230333034323a32613a343c3a6b673b6c323b30313235383b343032383236623035663638363a62363b60646435616d6338373b3e326d626166646d3a643b30313a673830373431326166623b3763653963663a333b336a6b3739353766373d6d3666666b6331396060313262623b3864613b3339633b39633c67693c356e386266373c6d6634643d6061326761636561623b393b6336653666356c346a342e7b6b6c5f736b65353b30363638303030313b306131386038603736373933343f366a31693f3630323166326e383267303b32356435373366356131613033333266633a69633f3b3b313b3f3539316339383230323f31663931663634363336643a6036353164646c373831396b333031323737313e66323039323b3266303137343230626133356333346669336b616d6b316c6426716b6e7a3d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=C4F275A05C89C46687E4846519F5EBF7
h.online-metrix.net/fp/ Frame 0623 0
400 B 15ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=C4F275A05C89C46687E4846519F5EBF7?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jf=36333626716b6c5d7a6c6c35766c725f7133465c6353723b683658753b663049267169665d666174673f39343b30393f333030312471616c5f767b78673f77676038656364716124716b645f6967713f3b323d31313831333234383f32633a3e363a63673166303230333034323a32613a343c3a6b673b6c323b30313235383b343032383236663b3335636530616337606139353b3130663e603031676e3332323a6c3c3663326b63646667646632623363316035323663323069663b60396e30316638603b6d6d6433636b3b3635613b333564353a3331643331633635396338356d6c673131313b356b3e613b306b673233673463336130343464323b39363161383669332e7b6b6c5f736b65353b30363738303031323260343436676434333b383635643b643a346d6c663d636432356b3b6132333b36643434603135333963313235673935636438633b643d3c3569643837606e306232303a323061313b6337613467323030316131603b6e3230613f3a603d306533326e3b33343b6d6161333566373531613262333b32653936673c373b633e3b673b303067247b6166703f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=4CB3DDAD18BAB842092E365B8C4802C4?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK 21d62ec129 Show response
bam.nr-data.net/resources/1/ 36 B
222 B 106ms
105ms XHR
text/plain 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/21d62ec129?a=373156804&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=3458&ck=1&ref=https://www.mylincolnportal.com/customer/public/login&st=1632171798245
Requested by: Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f5cb5065cea3b6a527d7a8e39d8bc2ce7c4c543b4c326443a6416efa418b0882

Request headers

Referer: https://www.mylincolnportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.mylincolnportal.com
Access-Control-Allow-Credentials: true
Content-Length: 36
Content-Type: text/plain;charset=iso-8859-1

GET
H/1.1 200
OK ARF;CIS3SID=E1B0DA94D3BC69F656D3E7E954ED75C1 Show response
cdn2.lfg.com/fp/ Frame 5789 35 B
557 B 14ms
14ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/ARF;CIS3SID=E1B0DA94D3BC69F656D3E7E954ED75C1?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&pageid=99998&sera_parametere=VElcBlpXB1sABARXUQMAAFMJUVwAUwZWCABUVAJWAAcDWgQDAgVUBQVeAEQVQVheXEkUERBDBicVUSdHUXZABQJTEgAPA1gGXhIWR1V2QABwCURSJ0MHU1gJFhYVF1ZzFw4jQFQiEwdZW1JSXwoADlYLAwAHUlNUVgJdVwMDAAcKDVFTUgJRAQNeXQEDAQEBVF9HCwwIVgYNVFwDA1EDAlEJBwABAAcGB0APEVsCHQ8EDgMHWwIGVQZQBgAEClwDUF9QV1EAUVcIBVZVAANSBVAJWQZRVAZFUQ9YU1YBUwcUUAhYTlcTE1lbXFtfC10RWlJcQwFbdgtCCQgHQFATCgsKRwcMFQgvWQgQGkBRBwpGXRs6AAdZD1IHBglAVxEKAwtU&count=0&max=0

Requested by

Host: cdn2.lfg.com
URL: https://cdn2.lfg.com/fp/check.js?&pageid=99998&session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a59ee8626b3baf8ce8b431c56e528df35f3ddffedaf1a5d4b4fc557558f52fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn2.lfg.com/fp/HP?session_id=cb54b782-f882-407c-81b6-265b770a1242&org_id=4y498eek&nonce=29aecf5c0febf2e7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
cdn2.lfg.com/fp/ Frame ACAB 0
387 B 13ms
12ms Script
text/javascript 91.235.133.31
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2.lfg.com/fp/clear.png?org_id=4y498eek&session_id=cb54b782-f882-407c-81b6-265b770a1242&nonce=29aecf5c0febf2e7&jac=1&je=3335372624756d607a766b5767707465706c69645f6b72353033362c3331312e3133342c30363126756b653f7f676a7a766b5f696c766d7a6e636e576f666e7124726d3d6e6d2660637673743f792a6e6d746d642032312e3232242a7376637c77712238206168617265696c65207d2663776c6a35616d6e60696534353a3e3f3764323a646062663b3533363135363b306662643b613e363d326a6e373e34313434316d62676439373b3563603534356130313335

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.31 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Sep 2021 21:03:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 201 i Show response
r.lr-ingest.io/ 10 KB
11 KB 1255ms
428ms XHR
application/json 104.198.23.205

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=o1n3rt%2Fmy-lincoln-portal-production&r=4-71d2ec37-5c18-47e5-a83d-259d01a49aa1&t=7149e242-6fa2-41aa-8d95-c89ed8e6cc9f&s=0&rs=0%2Cu

Requested by

Host: www.mylincolnportal.com
URL: https://www.mylincolnportal.com/customer/public/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.198.23.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.7 / Express

Resource Hash

c953cb2d47f643955fef17dd7923e70c3cafd6c713e716efc4e49e2247a11e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mylincolnportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:03:24 GMT
etag: W/"29b9-OgdwKSW0S66Pviy64qFRpiYHUUg"
server: nginx/1.17.7
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length: 10681

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mylincolnportal.com/	1970-01-20 06:08:27	Name: utag_main Value: v_id:017c05053393000e50fa45a18dd003072003506a00b08$_sn:1$_se:1$_ss:1$_st:1632173599444$ses_id:1632171799444%3Bexp-session$_pn:1%3Bexp-session
.mylincolnportal.com/	1970-01-20 14:54:03	Name: _ga Value: GA1.2.765371897.1632171801
.mylincolnportal.com/	1970-01-19 21:24:18	Name: _gid Value: GA1.2.1557676623.1632171801
www.mylincolnportal.com/	1970-01-19 21:24:18	Name: _lr_tabs_-o1n3rt%2Fmy-lincoln-portal-production Value: {%22sessionID%22:0%2C%22recordingID%22:%224-71d2ec37-5c18-47e5-a83d-259d01a49aa1%22%2C%22lastActivity%22:1632171800749}
www.mylincolnportal.com/	1970-01-19 21:24:18	Name: _lr_hb_-o1n3rt%2Fmy-lincoln-portal-production Value: {%22heartbeat%22:1632171800750}
www.mylincolnportal.com/	1969-12-31 23:59:59	Name: _lr_uf_-o1n3rt Value: 49deb951-7ccb-412e-939c-55e11859729c
cdn2.lfg.com/	1970-01-21 16:34:51	Name: thx_guid Value: 543b33ef7fb140748c38c398e1eeb5a0
h.online-metrix.net/	1970-01-21 16:34:51	Name: thx_global_guid Value: e337a4472efa4675910f7196008a7d58
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d7b429f18c8b3f5b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.mylincolnportal.com/customer/public/login Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://www.mylincolnportal.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4y498eekpxzfif5q6sghnyaygv5x5plcee7hokqc29aecf5c0febf2e7am1.e.aa.online-metrix.net
auth.mylincolnportal.com
bam.nr-data.net
cdn.lr-ingest.io
cdn2.lfg.com
fonts.googleapis.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
js-agent.newrelic.com
mylincolnportal.com
r.lr-ingest.io
tags.tiqcdn.com
www.google-analytics.com
www.mylincolnportal.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.16.184.248
104.198.23.205
142.250.184.202
151.101.2.137
162.247.242.19
172.217.16.142
172.67.163.57
184.30.24.194
35.170.116.59
54.87.43.132
91.235.132.130
91.235.133.31
91.235.134.131
130f736f0288c3b754a021ae6fed840f4f3d95ba361227d8b4ef40197d6a4649
17561b2efb43d48add31a6034f210ab0b9a91b9057310e19ed84317240cae7c4
2063b2ffa6ce1856c38c1c6c0bbcdac000e52361196c6ef554f7bb2b9e1e538c
2bba399ff120d8f34590ffc305f4144e48b363c4353b7dcb0038d5cee9d2daf9
3180aff69f8beeccdcafeb373f226a9e55a36fc30282ca0ed8a651b49c600756
4512fefcb560f60eb68a37b548a8b5b1fb151cdfdaa7cc59d2557349fb384158
4dc734be40ce8219391e9fbe45c3bc7c594a31dc0411f78a6c8a36a15d4e53ec
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58150ab06b7e86c1bf0006d0dbe4ec2f20a8b13291e07b0af122dec4f360a20e
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
6bd25f0aa4a81efaab494d6648ff7e086e42d2df20b01051e3d6ddd97cdb253b
7cd0dc1c2932ab27862d48f094d3d1d7783be00c664d5f51c9ddfa3a479c959d
87c6cc62f844bc73e8afef51778c74d8a9cc511cdd80a4a561db856f3c34b326
90007c8a253628acdbcfe10f3d6078f9097474c287c58f1a96ccf88905fb39bd
952dc5f26596dcc7dc341808ab79d985a142fdcf8a748b113dddad153c87d2b3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a59ee8626b3baf8ce8b431c56e528df35f3ddffedaf1a5d4b4fc557558f52fc8
c953cb2d47f643955fef17dd7923e70c3cafd6c713e716efc4e49e2247a11e44
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d699de17ba0586913d99d0da680fb699dbc5f36e3ca5af63bc2da05b895636a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e406e68b7577854cfc6104b4178b39e2ff25a4f52ec9eda1e00fbcfa645aa7dc
e8d7307a426a261cca6d374853f2e0a92fe2b8aba42cf80a9bb04ef6f94f59c3
e95f071d48bc4308e6fc1c543f9e13318305511e0269ddb3ec417b6cb38b4f36
f5cb5065cea3b6a527d7a8e39d8bc2ce7c4c543b4c326443a6416efa418b0882
f9daf732d10d65a32af192bf12561a76be553f448f436eb9019a8d9b64c323de
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fee48c15dcdd7513adbb2b04ed923b7fcaede3b3bd29d825c2dadbb829fc752a

www.mylincolnportal.com Open in urlscan Pro 35.170.116.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

12 IPs

3 Countries

2373 kBTransfer

9175 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mylincolnportal.com Open in urlscan Pro
35.170.116.59 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

2373 kB
Transfer

9175 kB
Size

9
Cookies

39 HTTP transactions
1 data transactions