urlscan.io logo urlscan.io
SecurityTrails logo

secure.ngpvan.com Open in urlscan Pro
45.60.33.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.ngpvan.com/k/7001111/65102262/-744106999?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDcvMS83N...
Effective URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Submission: On May 29 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 45 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is secure.ngpvan.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 8th 2018. Valid for: 3 years.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 45.60.33.183 19551 (INCAPSULA)
1 52.239.157.138 8075 (MICROSOFT...)
2 52.85.188.70 16509 (AMAZON-02)
1 152.199.19.160 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 40.114.13.25 8075 (MICROSOFT...)
7 52.85.188.185 16509 (AMAZON-02)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.69.65.22 8075 (MICROSOFT...)
45 14
14    45.60.33.183 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
click.ngpvan.com
secure.ngpvan.com
fastaction.ngpvan.com
actions.ngpvan.com
secure.everyaction.com
1    52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
nvlupin.blob.core.windows.net
2    52.85.188.70 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-70.fra2.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
2    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
2    40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
profile.ngpvan.com
7    52.85.188.185 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-185.fra2.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
9    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    13.69.65.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
dc.services.visualstudio.com
Domain Requested by
10 secure.ngpvan.com 1 redirects secure.ngpvan.com
az416426.vo.msecnd.net
9 www.google-analytics.com 1 redirects www.googletagmanager.com
secure.ngpvan.com
9 d1aqhv4sn5kxtx.cloudfront.net secure.ngpvan.com
d1aqhv4sn5kxtx.cloudfront.net
www.googletagmanager.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 stats.g.doubleclick.net secure.ngpvan.com
2 profile.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net
az416426.vo.msecnd.net
2 platform.twitter.com secure.ngpvan.com
platform.twitter.com
2 connect.facebook.net secure.ngpvan.com
connect.facebook.net
2 www.googletagmanager.com secure.ngpvan.com
d1aqhv4sn5kxtx.cloudfront.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 actions.ngpvan.com secure.ngpvan.com
1 fastaction.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net
1 ssl.google-analytics.com secure.ngpvan.com
1 staticxx.facebook.com connect.facebook.net
1 az416426.vo.msecnd.net secure.ngpvan.com
1 nvlupin.blob.core.windows.net secure.ngpvan.com
1 click.ngpvan.com 1 redirects
45 17

This site contains links to these domains. Also see Links.

Domain
www.jenniferforcms.com
fastaction.ngpvan.com
www.ngpvan.com
Subject Issuer Validity Valid
*.ngpvan.com
RapidSSL RSA CA 2018		 2018-02-08 -
2021-02-07		 3 years crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 5		 2019-05-22 -
2021-05-22		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 2		 2019-05-17 -
2021-05-17		 2 years crt.sh
*.everyaction.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-19 -
2021-02-18		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Frame ID: 1648A4DE2E542822F72C247299E6C03C
Requests: 45 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 958ECAA9922F2997AFB5B0B1DD58095D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.acdc742362712a538e04edf50787b6b9.html?origin=https%3A%2F%2Fsecure.ngpvan.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 466174D028CC2134ED4A5CEE6D14E1D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.ngpvan.com/k/7001111/65102262/-744106999?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhb... HTTP 302
    http://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2 HTTP 301
    https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

45
Requests

100 %
HTTPS

46 %
IPv6

12
Domains

17
Subdomains

14
IPs

5
Countries

630 kB
Transfer

1881 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.ngpvan.com/k/7001111/65102262/-744106999?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDcvMS83NTE0MCIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICJjZDZhMGU3My00NTdlLWU5MTEtYWJjNC0yODE4NzgzOTFlZmIiLA0KICAiRW1haWxBZGRyZXNzIjogImhqb25lc0B0aWFhLWNyZWYub3JnIg0KfQ%3D%3D&hmac=9I22Ie2K0gUXk8f0iE14wNKlyY9DiQ1ZYVAbdblqV-w= HTTP 302
    http://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2 HTTP 301
    https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=823784216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=16&_u=YEDAAEAB~&jid=738690444&gjid=336818016&cid=31110795.1559141434&tid=UA-28243511-20&_gid=1021301050.1559141434&_r=1&gtm=2wg5f25L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP07%2F1%2F75140&cd4=1015534&cd5=Kickoff_RSVP_Donor&cd6=SfZad1PgtkCJ53UvW1ZKSg2&z=444966152 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=31110795.1559141434&jid=738690444&_gid=1021301050.1559141434&gjid=336818016&_v=j76&z=444966152

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set SfZad1PgtkCJ53UvW1ZKSg2
secure.ngpvan.com/
Redirect Chain
  • https://click.ngpvan.com/k/7001111/65102262/-744106999?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDcvMS83NTE0MCIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICJjZDZhMGU3My00NTdlLWU5MTEtYWJjN...
  • http://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
  • https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
91732c6915d687647b8a8e89d983c7f308ab1235051e15a592f01f331339997b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
secure.ngpvan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
visid_incap_1392936=LptJeRr8QU2L8kcBiYoQmjic7lwAAAAAQUIPAAAAAACwYS3YBz72riehWjFBn2xI; nlbi_1392936=kPzRbfAaUXOKCrv7EgJYbgAAAADiwDJ5QdVgFJF0H9Ynu44y; incap_ses_727_1392936=y5aWeJwbr2R059cOptMWCjic7lwAAAAAtw+LIRo047THYSNROhWZ6w==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
TiPMix=96.140717061302; path=/; HttpOnly; Domain=secure.ngpvan.com visid_incap_1002065=ixiStb8gRnSQpV4m9CazmTic7lwAAAAAQUIPAAAAAAAyVwKhUdVuYw7yUnFfRi3S; expires=Thu, 28 May 2020 11:35:02 GMT; path=/; Domain=.ngpvan.com nlbi_1002065=kR+LY9qWyWEFM1Sc/jHQnQAAAADv3j1wFdbyk8jJrIhKc7Kz; path=/; Domain=.ngpvan.com incap_ses_727_1002065=leiuVy7F6SOO59cOptMWCjic7lwAAAAAyngZnufryVExygv8aqesGQ==; path=/; Domain=.ngpvan.com
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Wed, 29 May 2019 14:50:32 GMT
X-Iinfo
4-18155607-18155609 NNNN CT(0 0 0) RT(1559141432280 29) q(0 0 0 0) r(1 1) U12
X-CDN
Incapsula
Transfer-Encoding
chunked

Redirect headers

Location
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Content-Length
0
Connection
close
published.css
secure.ngpvan.com/Content/css/forms/ 		389 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Content/css/forms/published.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 14:50:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:23:52 GMT
X-CDN
Incapsula
Etag
"074f4ece29d51:0"
Content-Type
text/css
X-Iinfo
4-18155607-0 0CNN RT(1559141432280 173) q(0 -1 -1 -1) r(0 -1)
Content-Length
237
script-error
secure.ngpvan.com/js/ 		228 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 14:50:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jan 2019 19:03:21 GMT
X-CDN
Incapsula
Content-Type
text/javascript; charset=utf-8
X-Iinfo
4-18155607-0 0CNN RT(1559141432280 188) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=19541569, public
Content-Length
163
Expires
Fri, 10 Jan 2020 19:03:21 GMT
DLJ_Logo1%20(4).png
nvlupin.blob.core.windows.net/images/van/NGP/NGP07/1/75140/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP07/1/75140/images/DLJ_Logo1%20(4).png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0f8667fd23ccd173c0e463a8b4323d48fa07414ade13c7bcb9df883b448679d

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 29 May 2019 14:50:32 GMT
Last-Modified
Wed, 22 May 2019 16:52:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6DED5ECBCC9FE
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
9bf03f45-b01e-000c-612d-16ff09000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
22011
at.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		810 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.70 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-70.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ac3ff6b0e9b12bf200b65c1ea40333f7697efe75fdf63156a11d0f5a7fbe649

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Origin
https://secure.ngpvan.com

Response headers

Date
Tue, 28 May 2019 17:37:23 GMT
Content-Encoding
gzip
Age
76433
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
238790
Via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 May 2019 17:36:11 GMT
Server
AmazonS3
ETag
"8c83c1ca154720e1dd1fc0e7c2f54123"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
xyxE8t3MJAFVH6_QXTdzCMRkHqtINTIhbroucW6iXJb-ho7FMdBq6g==
base-js.gif
secure.ngpvan.com/Content/images/ 		35 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/Content/images/base-js.gif
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Iinfo
4-18155607-0 0CNN RT(1559141432280 210) q(0 -1 -1 -1) r(0 -1)
Date
Wed, 29 May 2019 14:50:32 GMT
Last-Modified
Mon, 13 May 2019 23:23:52 GMT
X-CDN
Incapsula
Etag
"074f4ece29d51:0"
Content-Length
35
Content-Type
image/gif
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 May 2019 14:50:39 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Mon, 27 Aug 2018 19:51:06 GMT
server
ECAcc (frc/8FA5)
etag
0x8D60C566D4F1460
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
168666a1-201e-00e4-4e2d-16f7ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=600
x-ms-version
2009-09-19
gtm.js
www.googletagmanager.com/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
4d83007fe8ec607bcbe73f0adabf7a6b2e7650dcab7f68a156908e53585b075d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 14:50:33 GMT
content-encoding
br
last-modified
Tue, 28 May 2019 23:00:26 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22579
x-xss-protection
0
expires
Wed, 29 May 2019 14:50:33 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
17231ecbe4e145dcaf354bd3d64bd32451498ab3609f10bb8c76ce3e6936ad30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BAnirfTUMj3KZmTeUOWlgQ==
status
200
date
Wed, 29 May 2019 14:50:33 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
Ktk2fvXLkPaUnU9Fwx9iK5+hxdb8vDbr5TOOuNFnSlo0FZpu2XwLs5w5ZQR+L1yqrv5xU7+aA2z4Hj83Se+TpA==
x-fb-content-md5
275f5cc960e1e653749b0c9b54ffe2ef
etag
"10fc47ea7b0aaecb025f3453b8de80bd"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 May 2019 14:56:28 GMT
widgets.js
platform.twitter.com/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash
4f2f577f4ea7a451afdfee3fdb8cf28074f4b369cc3d14cc3d0d3781c7ac5367

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 14:50:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 May 2019 16:15:52 GMT
Server
ECS (fcn/4185)
Etag
"1c70d5cfc9f27ef1574238927a7af36e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28026
sdk.js
connect.facebook.net/en_US/ 		195 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3f9be342e6dca3397b5a10e65cfc1f08&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e57c084f52c1fe0232bfe1bd5902429825c2fbba17ef00d5c7e61cd3d9404389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Origin
https://secure.ngpvan.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
i/gLxiflf9iILtDEYrZTlQ==
status
200
date
Wed, 29 May 2019 14:50:33 GMT
vary
Accept-Encoding
content-length
59627
x-fb-debug
QJvj8yWYESjFPqf1F/ie21j4WKZYm07+aiHe7Mex44krDPwdVDRWVmdn2vWd76dwMoPTpL37qYTsrUJMpa19yQ==
x-fb-content-md5
55e1b7ee8677bee79f2b6ec691e5f386
etag
"1199ab8ec86c3d9929e654b4270bee5a"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 28 May 2020 13:05:28 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 958E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3f9be342e6dca3397b5a10e65cfc1f08&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 23 May 2020 18:55:58 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
EQ4HnuBNGDOUfkwd5YUDQ8IZH3TD/Bqe0RPOxSgeAJBcVGIvLROZG0dRszkhg/AqdPAlZ5JfksecmozScV+qUQ==
content-length
11186
date
Wed, 29 May 2019 14:50:33 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5629
date
Wed, 29 May 2019 13:16:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 29 May 2019 15:16:44 GMT
with-js.gif
secure.ngpvan.com/Content/images/ 		35 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/Content/images/with-js.gif
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Iinfo
4-18155607-0 0CNN RT(1559141432280 481) q(0 -1 -1 -1) r(0 -1)
Date
Wed, 29 May 2019 14:50:32 GMT
Last-Modified
Mon, 13 May 2019 23:23:52 GMT
X-CDN
Incapsula
Etag
"074f4ece29d51:0"
Content-Length
35
Content-Type
image/gif
_Incapsula_Resource
secure.ngpvan.com/ 		108 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1801796278
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
9631b51e0d80f7ae60716ebdba58df800b885bae18dd7e952ada7ffc47e27189

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache
Content-Length
15756
Content-Type
application/javascript
widget_iframe.acdc742362712a538e04edf50787b6b9.html
platform.twitter.com/widgets/ Frame 4661 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.acdc742362712a538e04edf50787b6b9.html?origin=https%3A%2F%2Fsecure.ngpvan.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4193) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 29 May 2019 14:50:33 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Fri, 24 May 2019 16:14:15 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4193)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
identity
profile.ngpvan.com/ 		72 B
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
30064defd5c20900b91bb29a867f34e5c2f81d8a3dcd5b9e154ac34eb4764431
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 14:50:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type
text/javascript; charset=utf-8
Content-Length
192
ETag
W/"48-Yzgpj+8wwXSpxJEOpId2DVoggBc"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
gtm.js
www.googletagmanager.com/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
5ab67a9e9f8b010cd0a625b87af67601c1edc0b5c657b5121766c018bf352068
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 14:50:33 GMT
content-encoding
br
last-modified
Tue, 28 May 2019 22:59:43 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
21484
x-xss-protection
0
expires
Wed, 29 May 2019 14:50:33 GMT
at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		105 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb58b2c1b8ec8cdc8a521fcb1556b86ecae136cd25d742e1cc7aacccc166b045

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 May 2019 17:37:47 GMT
Content-Encoding
gzip
Age
76430
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19839
Via
1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 May 2019 17:36:11 GMT
Server
AmazonS3
ETag
"5b07ed767148879564cdaff484acf687"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
-XDEtY1YxsZbflmQA5m8-rgZ3s1xVh1iHb6B6V7F7n2MuJB7WLEK3Q==
extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		74 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0a17ec6c92e1ca8c9c87a36a4aef89d44d70c9f900fff6a1c7a5dbba189298d

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 May 2019 17:37:47 GMT
Content-Encoding
gzip
Age
76430
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
17324
Via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 May 2019 17:36:11 GMT
Server
AmazonS3
ETag
"22eb5f8a9bf8c4455ccc20fb43acb06d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
JhAVWULivljbEzq2wqFbRSHMDE7oCSA5YP3Cwz-fz9xurmF8_2LJog==
_Incapsula_Resource
secure.ngpvan.com/ 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.19942252740050526
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Length
1
Content-Type
text/plain
SfZad1PgtkCJ53UvW1ZKSg2
secure.ngpvan.com/v1/Forms/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/SfZad1PgtkCJ53UvW1ZKSg2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
13ff44636b6db317d37ea1cb1bae6785c72e0409b30029a86675af6b9ac8061a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
X-Requested-With
XMLHttpRequest
Request-Id
|kli5k.+zEpi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
3-14689571-14689601 NNNN CT(0 0 0) RT(1559141432485 416) q(0 0 0 -1) r(1 1) U2
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma
no-cache
Last-Modified
Wed, 29 May 2019 14:49:26 GMT
Date
Wed, 29 May 2019 14:50:33 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8; =utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
ETag
"6a3a7c97-3dc7-433c-9dd6-b35abf3ab7b9"
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires
-1
ngpvan-logo-16.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/ngpvan-logo-16.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 10 Mar 2019 17:11:49 GMT
Via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
Age
6903525
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
617
Last-Modified
Thu, 28 Aug 2014 21:19:38 GMT
Server
AmazonS3
ETag
"3d6f9aab1e809b87c195e78264cb01f8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
yQk_V9JbC2C66zSCH1aX5fAwW3Hfr5F4LV0QxNxmYsAUUsVnKE_X4w==
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 01:24:55 GMT
Via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
Age
48339
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Wed, 01 Mar 2017 15:31:32 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
9mDyA5Pu1PqjRUAJFLtYV2L2E0pAdsGAXjZmfSNG9_tPudNie0vvag==
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
4680
date
Wed, 29 May 2019 13:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 29 May 2019 15:32:33 GMT
identity
fastaction.ngpvan.com/api/v1/ 		186 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1559141433709=
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
4a640f2fa15d046f3153324657d1268ab935c8cfe3a159a371c19365333f75e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-CDN
Incapsula
X-Powered-By
Express
Transfer-Encoding
chunked
P3p
CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo
12-23366503-23366505 NNNN CT(109 237 0) RT(1559141433096 30) q(0 0 3 0) r(6 6) U4
Connection
keep-alive
Content-Encoding
gzip
Etag
W/"ba-1629223210"
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server
Cowboy
Date
Wed, 29 May 2019 14:50:34 GMT
Vary
X-HTTP-Method-Override, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
gtmtools.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/gtmtools.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 May 2019 15:02:14 GMT
Via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
Last-Modified
Thu, 25 Apr 2019 15:40:27 GMT
Server
AmazonS3
Age
85700
ETag
"9e70537eecebd0e559cbe41c8facec34"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4233
X-Amz-Cf-Id
lWKwXle-4gw9DF0AJrRHyZ0-GMErqc95-IDiZB32H-FK8P3xhk_Ctw==
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/glyphicons-regular.woff2
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.70 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-70.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Origin
https://secure.ngpvan.com

Response headers

Date
Wed, 29 May 2019 05:45:33 GMT
Via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
Age
35267
X-Cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
Connection
keep-alive
Content-Length
96388
Last-Modified
Wed, 12 Apr 2017 14:33:38 GMT
Server
AmazonS3
ETag
"aca35251952e72d9e32d41217f0f97ab"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
AV2st-p_6rJF4yaDCksflwvyfeoOU3dXEhiS0KqYh5SBIXvZ_diyaA==
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
cc.png
d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/cc.png
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 May 2019 09:44:16 GMT
Via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
Age
67
X-Cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
Connection
keep-alive
Content-Length
3392
Last-Modified
Thu, 30 Apr 2015 15:08:39 GMT
Server
AmazonS3
ETag
"294b44fc8703a45684537d51e363c045"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
lOnfc57Lqa5e9Sg7bsu47s7TZP4FUaJcN14OSjvld926Ap_o0nX0wg==
fast-action.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 		1019 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/fast-action.png
Requested by
Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-185.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Referer
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 May 2019 02:16:32 GMT
Via
1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)
Age
2118842
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1019
Last-Modified
Fri, 06 Feb 2015 17:50:28 GMT
Server
AmazonS3
ETag
"fe324c0498d28e434d58e6d547ba19a1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
X-Amz-Cf-Id
Ew_Rxqphf8IDhmTM0U3NaxSxA08AmxFfDo_xBdgdgM-JHRE1U9NP6g==
SfZad1PgtkCJ53UvW1ZKSg2
actions.ngpvan.com/v1/Track/ 		0
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actions.ngpvan.com/v1/Track/SfZad1PgtkCJ53UvW1ZKSg2
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Expires
-1
X-CDN
Incapsula
Date
Wed, 29 May 2019 14:50:33 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
11-15454601-15454604 NNNN CT(0 0 0) RT(1559141433210 32) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Content-Length
0
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/r/ 		35 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=823784216&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Downloading&utt=153&_u=YEBAAEAB~&jid=1645785302&gjid=139650231&cid=31110795.1559141434&tid=UA-28243511-22&_gid=1021301050.1559141434&_r=1&gtm=2wg5f25L2FSL&z=919061673
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 14:50:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=823784216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20K...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=31110795.1559141434&jid=738690444&_gid=1021301050.1559141434&gjid=336818016&_v=j76&z=444966152
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=31110795.1559141434&jid=738690444&_gid=1021301050.1559141434&gjid=336818016&_v=j76&z=444966152
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 29 May 2019 14:50:34 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 May 2019 14:50:34 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=31110795.1559141434&jid=738690444&_gid=1021301050.1559141434&gjid=336818016&_v=j76&z=444966152
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=823784216&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAB~&jid=182500198&gjid=794272355&cid=31110795.1559141434&tid=UA-28243511-20&_gid=1021301050.1559141434&gtm=2wg5f25L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP07%2F1%2F75140&cd4=1015534&cd5=Kickoff_RSVP_Donor&cd6=SfZad1PgtkCJ53UvW1ZKSg2&z=362121884
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 01:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7046016
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-28243511-20&cid=31110795.1559141434&jid=182500198&gjid=794272355&_gid=1021301050.1559141434&_u=YGDAgEAB~&z=2064285373
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 29 May 2019 14:50:34 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=823784216&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Processing&utt=8&_u=YGDAAEAB~&jid=&gjid=&cid=31110795.1559141434&tid=UA-28243511-22&_gid=1021301050.1559141434&gtm=2wg5f25L2FSL&z=2069758887
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 01:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7046016
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=823784216&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Render&utt=79&_u=YGDAAEAB~&jid=&gjid=&cid=31110795.1559141434&tid=UA-28243511-22&_gid=1021301050.1559141434&gtm=2wg5f25L2FSL&z=2107700836
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 01:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7046016
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=823784216&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Fill&utt=13&_u=YGDAAEAB~&jid=&gjid=&cid=31110795.1559141434&tid=UA-28243511-22&_gid=1021301050.1559141434&gtm=2wg5f25L2FSL&z=1177258004
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 01:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7046016
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=823784216&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Form&utt=257&_u=YGDAAEAB~&jid=&gjid=&cid=31110795.1559141434&tid=UA-28243511-22&_gid=1021301050.1559141434&gtm=2wg5f25L2FSL&z=945638741
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 01:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7046016
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=823784216&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FSfZad1PgtkCJ53UvW1ZKSg2&ul=en-us&de=UTF-8&dt=RSVP%20For%20Our%20Campaign%20Kickoff!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Total&utt=362&_u=YGDAAEAB~&jid=&gjid=&cid=31110795.1559141434&tid=UA-28243511-22&_gid=1021301050.1559141434&gtm=2wg5f25L2FSL&z=1407493825
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 01:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7046016
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
nvtag
profile.ngpvan.com/v2/data/w45nqQjd7m806mysR0R3BkjY/ 		2 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/w45nqQjd7m806mysR0R3BkjY/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Origin
https://secure.ngpvan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 14:50:34 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://secure.ngpvan.com
Access-Control-Allow-Credentials
true
Content-Length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
track
dc.services.visualstudio.com/v2/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.ngpvan.com
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,sdk-context

Response headers

Date
Wed, 29 May 2019 14:50:34 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
track
dc.services.visualstudio.com/v2/ 		96 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.69.65.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
10163790c78b3eb4816880a34f31c3c8fca656e31d321a57719e4e463c8cb0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Origin
https://secure.ngpvan.com
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
16FAEF23-4D84-4795-AA79-E8636842E870
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Date
Wed, 29 May 2019 14:50:34 GMT
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96
w45nqQjd7m806mysR0R3BkjY
secure.everyaction.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/w45nqQjd7m806mysR0R3BkjY
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
Origin
https://secure.ngpvan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Wed, 29 May 2019 14:50:34 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
12-23366615-23366620 NNNN CT(0 0 0) RT(1559141433986 44) q(0 0 0 0) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
w45nqQjd7m806mysR0R3BkjY
secure.ngpvan.com/Databag/Profile/ 		0
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/w45nqQjd7m806mysR0R3BkjY
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/SfZad1PgtkCJ53UvW1ZKSg2
X-Requested-With
XMLHttpRequest
Request-Id
|kli5k.c68bt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Wed, 29 May 2019 14:50:34 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
3-14689571-14689601 SNNN RT(1559141432485 1468) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| appInsights function| handleScriptLoadError object| dataLayer function| fbAsyncInit object| twttr boolean| exileHeaderAndFooter object| FB object| google_tag_manager object| __twttrll object| __twttr function| __extends object| Microsoft object| AI function| _ object| CSSModal object| Braintree object| nvtag object| _gaq object| _gat object| Backbone function| _jqjsp object| atLayer object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| nvtag_callbacks string| GoogleAnalyticsObject function| ga object| formview object| google_tag_data object| gaplugins object| gaGlobal object| gaData

17 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: nlbi_972453
Value: eEfmU4JVNFUdqd5vMvukzwAAAABpwkosKqs1XqA7A8fzr6vG
.ngpvan.com/ Name: _gat_UA-28243511-20
Value: 1
secure.ngpvan.com/ Name: ai_user
Value: R6gVl|2019-05-29T14:50:33.238Z
.ngpvan.com/ Name: _ga
Value: GA1.2.31110795.1559141434
.ngpvan.com/ Name: incap_ses_727_1002065
Value: leiuVy7F6SOO59cOptMWCjic7lwAAAAAyngZnufryVExygv8aqesGQ==
.ngpvan.com/ Name: nlbi_1002065
Value: kR+LY9qWyWEFM1Sc/jHQnQAAAADv3j1wFdbyk8jJrIhKc7Kz
.secure.ngpvan.com/ Name: TiPMix
Value: 96.140717061302
.ngpvan.com/ Name: _gid
Value: GA1.2.1021301050.1559141434
.ngpvan.com/ Name: _gat_UA-28243511-22
Value: 1
.ngpvan.com/ Name: incap_ses_727_1392936
Value: y5aWeJwbr2R059cOptMWCjic7lwAAAAAtw+LIRo047THYSNROhWZ6w==
.ngpvan.com/ Name: visid_incap_1002065
Value: ixiStb8gRnSQpV4m9CazmTic7lwAAAAAQUIPAAAAAAAyVwKhUdVuYw7yUnFfRi3S
.ngpvan.com/ Name: _dc_gtm_UA-28243511-20
Value: 1
secure.ngpvan.com/ Name: ai_session
Value: vPrRa|1559141433699.805|1559141433699.805
.ngpvan.com/ Name: incap_ses_727_972453
Value: quQFDzgdgHvAsdcOptMWCjmc7lwAAAAA8dKv3R5hze6JVyH4f4c1yw==
.ngpvan.com/ Name: nlbi_1392936
Value: kPzRbfAaUXOKCrv7EgJYbgAAAADiwDJ5QdVgFJF0H9Ynu44y
.ngpvan.com/ Name: visid_incap_972453
Value: EMb/djQzQHmuCctPRnqhwPWb7lwAAAAAQUIPAAAAAABfWk4mp/zotviraI9Unf8/
.ngpvan.com/ Name: visid_incap_1392936
Value: LptJeRr8QU2L8kcBiYoQmjic7lwAAAAAQUIPAAAAAACwYS3YBz72riehWjFBn2xI

6 Console Messages

Source Level URL
Text
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Downloading: 152.662109375ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Processing: 7.873046875ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Render: 78.748046875ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Fill: 12.466064453125ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Form: 256.906982421875ms
console-api debug URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7)
Message:
Total: 361.373046875ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.ngpvan.com
az416426.vo.msecnd.net
click.ngpvan.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
nvlupin.blob.core.windows.net
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
staticxx.facebook.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
13.69.65.22
152.199.19.160
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:400c:c06::9a
2a03:2880:f01c:216:face:b00c:0:3
40.114.13.25
45.60.33.183
52.239.157.138
52.85.188.185
52.85.188.70
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64
10163790c78b3eb4816880a34f31c3c8fca656e31d321a57719e4e463c8cb0c0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13ff44636b6db317d37ea1cb1bae6785c72e0409b30029a86675af6b9ac8061a
17231ecbe4e145dcaf354bd3d64bd32451498ab3609f10bb8c76ce3e6936ad30
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
30064defd5c20900b91bb29a867f34e5c2f81d8a3dcd5b9e154ac34eb4764431
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a640f2fa15d046f3153324657d1268ab935c8cfe3a159a371c19365333f75e4
4ac3ff6b0e9b12bf200b65c1ea40333f7697efe75fdf63156a11d0f5a7fbe649
4d83007fe8ec607bcbe73f0adabf7a6b2e7650dcab7f68a156908e53585b075d
4f2f577f4ea7a451afdfee3fdb8cf28074f4b369cc3d14cc3d0d3781c7ac5367
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
5ab67a9e9f8b010cd0a625b87af67601c1edc0b5c657b5121766c018bf352068
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
91732c6915d687647b8a8e89d983c7f308ab1235051e15a592f01f331339997b
9631b51e0d80f7ae60716ebdba58df800b885bae18dd7e952ada7ffc47e27189
9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db
a0a17ec6c92e1ca8c9c87a36a4aef89d44d70c9f900fff6a1c7a5dbba189298d
d0f8667fd23ccd173c0e463a8b4323d48fa07414ade13c7bcb9df883b448679d
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57c084f52c1fe0232bfe1bd5902429825c2fbba17ef00d5c7e61cd3d9404389
eb58b2c1b8ec8cdc8a521fcb1556b86ecae136cd25d742e1cc7aacccc166b045
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc