urlscan.io logo urlscan.io
SecurityTrails logo

secure.ngpvan.com Open in urlscan Pro
45.60.33.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.ngpvan.com/k/43286194/336539024/914299645
Effective URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Submission: On March 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com. The Cisco Umbrella rank of the primary domain is 56800.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 30th 2021. Valid for: a year.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 45.60.33.183 19551 (INCAPSULA)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.239.157.138 8075 (MICROSOFT...)
5 2600:9000:249... 16509 (AMAZON-02)
1 18.66.139.100 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.89 8075 (MICROSOFT...)
42 13
12    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
click.ngpvan.com
secure.ngpvan.com
profile.ngpvan.com
fastaction.ngpvan.com
secure.everyaction.com
3    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
5    2600:9000:2490:b400:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.everyaction.com
1    18.66.139.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-100.fra60.r.cloudfront.net
js.verygoodvault.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
9    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.69.106.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
11 ngpvan.com
click.ngpvan.com — Cisco Umbrella Rank: 58783
secure.ngpvan.com — Cisco Umbrella Rank: 56800
profile.ngpvan.com — Cisco Umbrella Rank: 49431
fastaction.ngpvan.com — Cisco Umbrella Rank: 143988
35 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
6 everyaction.com
static.everyaction.com
secure.everyaction.com — Cisco Umbrella Rank: 49337
383 KB
3 gstatic.com
fonts.gstatic.com
24 KB
3 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 47984
639 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 828
159 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 857
306 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
86 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
440 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1652
40 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 65676
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
42 12
Domain Requested by
9 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
secure.ngpvan.com
7 secure.ngpvan.com secure.ngpvan.com
az416426.vo.msecnd.net
5 static.everyaction.com secure.ngpvan.com
static.everyaction.com
3 fonts.gstatic.com fonts.googleapis.com
3 nvlupin.blob.core.windows.net secure.ngpvan.com
3 use.fontawesome.com secure.ngpvan.com
use.fontawesome.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com static.everyaction.com
az416426.vo.msecnd.net
2 www.googletagmanager.com secure.ngpvan.com
static.everyaction.com
1 stats.g.doubleclick.net az416426.vo.msecnd.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com static.everyaction.com
1 az416426.vo.msecnd.net secure.ngpvan.com
1 js.verygoodvault.com secure.ngpvan.com
1 fonts.googleapis.com secure.ngpvan.com
1 click.ngpvan.com 1 redirects
42 16
Subject Issuer Validity Valid
*.ngpvan.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-30 -
2023-01-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2022-02-18 -
2023-02-18		 a year crt.sh
static.everyaction.com
Amazon		 2021-07-08 -
2022-08-06		 a year crt.sh
*.verygoodvault.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.everyaction.com
RapidSSL TLS RSA CA G1		 2020-05-28 -
2022-05-28		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2022-02-08 -
2023-02-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Frame ID: C9A9038E5E87E2B8A97574F5D49860C1
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Elect Democrats

Page URL History Show full URLs

  1. https://click.ngpvan.com/k/43286194/336539024/914299645 HTTP 302
    https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

42
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

16
Subdomains

13
IPs

4
Countries

1410 kB
Transfer

2677 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.ngpvan.com/k/43286194/336539024/914299645 HTTP 302
    https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request J9V46tJ9LUSkojlqJ4cK1w2
secure.ngpvan.com/
Redirect Chain
  • https://click.ngpvan.com/k/43286194/336539024/914299645
  • https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0e5170a4efe9048cc12b005806f6b413b7437cd28b7aabea52c0ceaa2c0886c5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=10
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Wed, 23 Mar 2022 16:31:18 GMT
X-CDN
Imperva
Transfer-Encoding
chunked
X-Iinfo
3-292811588-292811590 NNNN CT(87 191 0) RT(1648053077881 13) q(0 0 3 0) r(5 5) U18

Redirect headers

Content-Length
0
Date
Wed, 23 Mar 2022 16:31:18 GMT
Server
Microsoft-IIS/10.0
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Expires
-1
Location
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Pragma
no-cache
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Robots-Tag
noindex
X-CDN
Imperva
X-Iinfo
7-290111011-290111012 NNNY CT(88 180 0) RT(1648053077731 14) q(0 0 0 -1) r(1 1) U11
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:19 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6ZW9F5JJZ7J58DSQ
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9eJ2JyXrlziyItZaNSZwKQoOpcETTvcmBlkU6L6j/XhSwz1A3Yyc0G77EOkghpe0pNkKHWoe8Jo=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G8wRVlLKcJKC%2BEdzz%2FN9t%2Fb2QoyEShIeirjolJs7yT53dqoj6uO1eTJswz%2F02aCRhzV%2Bq5JvJHyZE6PTB5eroHH%2FA1YCiG1ydybl%2BpXqoyCQIe1o2UaX1ZxyPWA2kJQzT8B9pPbKW2jY36%2FtBPkKmqQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6f088e8188da92c9-FRA
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d60ce49f261c72be59ec3eda251d9f890be64e5f98390633c391ae53ba5b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 15:17:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Mar 2022 16:31:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Mar 2022 16:31:19 GMT
ED%20Logo.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP42/1/88503/images/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP42/1/88503/images/ED%20Logo.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
25fc5b64cd40071ae60624c279109304fc748b0148dc627a650693fb4d26bd07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 23 Mar 2022 16:31:19 GMT
Last-Modified
Fri, 02 Apr 2021 13:01:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D8F5D75F99D054
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
0bfd5a2f-501e-0085-6cd3-3e462d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
96480
at.js
static.everyaction.com/ea-actiontag/ 		843 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1d3bfe73c7da4924daecf214fab60a027d5125a2a01c8fd7e51b247069f49c1

Request headers

Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 14:33:00 GMT
content-encoding
gzip
age
7100
x-cache
Hit from cloudfront
content-length
245544
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:33:10 GMT
server
AmazonS3
etag
"2b4d50476d55220baeacb35017e5d3cd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-amz-cf-id
VvGy0D0qDKw5j227JrqJYy_mo6Gs2wmuLX7Q_yMRqh5WqXoHBTcrEw==
at.min.css
static.everyaction.com/ea-actiontag/ 		111 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da457125243c2824f0416bf9babb95022f822d302796f2d8bdb0c9639167ed9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 10:39:54 GMT
content-encoding
gzip
age
21086
x-cache
Hit from cloudfront
content-length
20672
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:33:10 GMT
server
AmazonS3
etag
"94863eae04299071119ce9bc18ef75e0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-amz-cf-id
j-SLtXjmZ0TQFEeyvkXdMFp47d87zteKPVVYWEYX7RVXlfS0CJH0Bw==
script-error
secure.ngpvan.com/js/ 		246 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Mar 2022 16:31:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 20 Feb 2022 16:22:40 GMT
X-CDN
Imperva
Content-Type
text/javascript; charset=utf-8
X-Iinfo
3-292811588-0 0CNN RT(1648053077881 508) q(0 -1 -1 -1) r(0 -1)
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=28857082, public
Content-Length
174
Expires
Mon, 20 Feb 2023 16:22:40 GMT
ED%20Logo.jpg
nvlupin.blob.core.windows.net/images/van/NGP/NGP42/1/88503/images/ 		420 KB
421 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP42/1/88503/images/ED%20Logo.jpg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7510b177e987fd09c503a53f37da88c5ba761cba2e9bdff08d5909926a87f5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 23 Mar 2022 16:31:18 GMT
Last-Modified
Fri, 02 Apr 2021 12:55:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D8F5D68D5C6E6D
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
1130ef3f-f01e-00c7-7ed3-3e6d39000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
430209
AC2nt8erbFu3svSWxmyTZr1b.js
js.verygoodvault.com/vgs-collect/1/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding
gzip
ETag
W/"f3cecf4193fb217244937c56bee4b1b6"
Age
46503
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:03:51 GMT
Server
AmazonS3
Date
Wed, 23 Mar 2022 03:36:48 GMT
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Cf-Id
HumRvVN8Orxoe4zDrbw7jzpfrXp3okq8mJICcofLRWhW4ZJDvY13qQ==
_Incapsula_Resource
secure.ngpvan.com/ 		146 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2096969496
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1911e150efbf29d6fc318ee7d75219ce290a17903088026fcfbb613e4a9f5aeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
20958
Content-Type
application/javascript
pelosi.jpg
nvlupin.blob.core.windows.net/images/van/NGP/NGP42/1/88503/images/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP42/1/88503/images/pelosi.jpg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ae67ac3f8089a6dd2f0985403612544fcadef64e2cdbdd9a5cc2255a7007cfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 23 Mar 2022 16:31:19 GMT
Last-Modified
Fri, 02 Apr 2021 18:24:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D8F604831144AE
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
8a57d663-701e-0055-70d3-3efa8f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
125529
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:15 GMT
x-content-type-options
nosniff
age
594064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:15 GMT
gtm.js
www.googletagmanager.com/ 		123 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d198a70baad04fecd6c38d201e6c1c9bc852949b4f38d3d9b47f9644ce43b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44952
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Mar 2022 16:31:19 GMT
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5B) /
Resource Hash
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Mar 2022 16:31:19 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
kIbzAcz/m2O65DekgfwJzw==
age
147
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.7.4.min.js
content-length
40497
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 20:08:25 GMT
server
ECAcc (frc/8F5B)
x-ms-meta-aijssdkver
2.7.4
etag
0x8D9FC8868AFB46B
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c980780f-e01e-0062-58d3-3e2a52000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Wed, 23 Mar 2022 17:01:19 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:15 GMT
x-content-type-options
nosniff
age
594064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:15 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:19 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156667
cf-ray
6f088e829ae992c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74768
x-amz-id-2
KcW3zEXoY/uz7IBW3SxBzzEpNowxtSc6FbWnAPQvEoCvK7yX8BZgHLR7ZZJ/KbCSGNc261ZWuv8=
last-modified
Wed, 30 Jun 2021 15:46:59 GMT
server
cloudflare
etag
"5e2f92123d241cabecf0b289b9b08d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl%2BGYLuDoFLYbtK9aJ2RdA6iThFXIsrujFLqXAxwX2h2rK8ni46TX24i5YZhvrVI81hx%2FLxJLuDC1XC05Oe7u%2FObRdK0wRi57s8mPLuhOT0gGAslmWnsgHrWVyZ3IujblwMBEVcOWvAbgIO8McNiMLEV"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
TXRK34FY9YC7WVPK
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:19 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6ZWDWGWAB62AMA42
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74256
x-amz-id-2
K+ZL+DbmM72WBtsLCM9y9solDL8Ywa73YLVoAmUM3j94nWjLHOZQUsSmIBMXMSLccZJcCfbnx1c=
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
"418dad87601f9c8abd0e5798c0dc1feb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbcuT3FtVajpVJUYi4omC03tzejFnBqTkuSiyuQJH4cpEEKJerE1IKGmwoIKyHONiezie4J7jrf%2B7ULLsocC1ea8h3PttaO%2B1XvVyvtFOc3V1YW5m9HV0t%2Fc4t%2BA2b07S5ZcOFx5vk%2FyfZonZslh76bq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f088e829aea92c9-FRA
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:31:15 GMT
x-content-type-options
nosniff
age
594004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:31:15 GMT
_Incapsula_Resource
secure.ngpvan.com/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7266150099867801
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
identity
profile.ngpvan.com/ 		72 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
2c58b2c7fe5efd4a30bf885762886ebf9ee25db1ea25ea4f479d6232c413fe73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
8-408170345-408170346 PNNN RT(1648053078719 0) q(0 0 0 1) r(1 1) U5
x-cdn
Imperva
content-type
text/javascript; charset=utf-8
content-length
191
etag
W/"48-/gLquNE1A0HiJi6TszzB/ip07o4"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
gtm.js
www.googletagmanager.com/ 		115 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8959eaad1fd9c34f6ee2e17975c3df799a824298d3559b47dd4da3511d3a79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42439
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Mar 2022 16:31:19 GMT
extra.min.css
static.everyaction.com/ea-actiontag/ 		93 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2c110f2c40d9168b6a2000fc9aaec3a02494980e6a0f54665e7ca900dbfa34a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:05 GMT
content-encoding
gzip
age
16851
x-cache
Hit from cloudfront
content-length
15864
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:33:10 GMT
server
AmazonS3
etag
"4c3d8adef62704ce43c6a6c2185e5e75"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-amz-cf-id
ghrDuJF30QhUnxNeTcWpPDONH3059TXGfJYdztpaOA3mIMqIBZUEJw==
J9V46tJ9LUSkojlqJ4cK1w2
secure.ngpvan.com/v1/Forms/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/J9V46tJ9LUSkojlqJ4cK1w2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8fa3c7c33404df479f5a3a6e9cf71d4fdf8d6688d9811e3bc8ddca4ccad4dc08
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Request-Id
|044fe7c43ea54632982743566b53dd1b.9121e0d7ae7f45e7
X-Requested-With
XMLHttpRequest
traceparent
00-044fe7c43ea54632982743566b53dd1b-9121e0d7ae7f45e7-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Wed, 23 Mar 2022 16:31:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
X-Iinfo
3-292811588-292811590 SNNN RT(1648053077881 863) q(0 0 0 -1) r(2 2) U18
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=10
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Vary
Origin,Accept-Encoding
Content-Length
950
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
nvtag
profile.ngpvan.com/v2/data/txbRf44MzX$M8UM1DhoudGuh/ 		2 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/txbRf44MzX$M8UM1DhoudGuh/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:31:19 GMT
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
5-436976055-436976056 PNNN RT(1648053078850 0) q(0 0 0 -1) r(1 1) U5
access-control-allow-credentials
true
content-length
123
x-cdn
Imperva
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1593
date
Wed, 23 Mar 2022 16:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 23 Mar 2022 18:04:46 GMT
identity
fastaction.ngpvan.com/api/v1/ 		182 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1648053079148=
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
aa338993b878c5ecd930ebc015c1ed2a40c5325e929127041492a1611b97eaf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
via
1.1 vegur
x-content-type-options
nosniff
server
Cowboy
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
8-408170403-408170404 NNYN CT(101 103 0) RT(1648053078984 0) q(0 0 2 0) r(4 4) U18
cache-control
max-age=0
date
Wed, 23 Mar 2022 16:31:20 GMT
etag
W/"b6-swzJDjmEVy/DgKNTSYZ5qYTaEg4"
content-type
text/javascript; charset=utf-8
x-cdn
Imperva
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
static.everyaction.com/ea-actiontag/assets/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/assets/fonts/glyphicons-regular.woff2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer
https://static.everyaction.com/ea-actiontag/at.min.css
Origin
https://secure.ngpvan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:33:53 GMT
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
age
64647
x-cache
Hit from cloudfront
content-length
96388
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"aca35251952e72d9e32d41217f0f97ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-amz-cf-id
Dx2txkKb-vKEXcW3xaOoVTDTkHp5wKhbBJLMqXu7JfJ3codhA6mATg==
J9V46tJ9LUSkojlqJ4cK1w2
secure.ngpvan.com/v1/Track/ 		0
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/v1/Track/J9V46tJ9LUSkojlqJ4cK1w2?formSessionId=a75b2672-6b53-4cad-80f6-6200bb70b047&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9zZWN1cmUubmdwdmFuLmNvbS9KOVY0NnRKOUxVU2tvamxxSjRjSzF3Mg%3D%3D&fRef=
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Wed, 23 Mar 2022 16:31:18 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
3-292811588-292811590 SNNN RT(1648053077881 1105) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 04:46:35 GMT
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
age
42409
x-cache
Hit from cloudfront
content-length
9203
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-amz-cf-id
BCJTQzDycHo32ZVvR8D9GEFco1traOVJxSYAnp-acRYKGV0WR-nkXA==
txbRf44MzX$M8UM1DhoudGuh
secure.everyaction.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/txbRf44MzX$M8UM1DhoudGuh
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Mar 2022 16:31:19 GMT
X-Content-Type-Options
nosniff
X-CDN
Imperva
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://secure.ngpvan.com
X-Iinfo
10-429615373-429615375 NNNY CT(87 179 0) RT(1648053079092 10) q(0 0 0 2) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
txbRf44MzX$M8UM1DhoudGuh
secure.ngpvan.com/Databag/Profile/ 		0
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/txbRf44MzX$M8UM1DhoudGuh
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Request-Id
|044fe7c43ea54632982743566b53dd1b.dbf11bc362da420b
traceparent
00-044fe7c43ea54632982743566b53dd1b-dbf11bc362da420b-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Mar 2022 16:31:19 GMT
X-Content-Type-Options
nosniff
X-CDN
Imperva
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
9-384070066-384070190 NNNY CT(87 179 0) RT(1648053078393 669) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1426498577&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=197&_u=YEBAAEABAAAAAC~&jid=1452921301&gjid=1086811270&cid=1020548670.1648053079&tid=UA-28243511-22&_gid=1635667895.1648053079&_r=1&gtm=2wg3e05L2FSL&z=311723733
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 16:31:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=1020548670.1648053079&jid=1326530667&gjid=2073677959&_gid=1635667895.1648053079&_u=YGDAgEABAAAAAG~&z=1323385588
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 23 Mar 2022 16:31:20 GMT
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=1326530667&gjid=2073677959&cid=1020548670.1648053079&tid=UA-28243511-23&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP42%2F1%2F88503&cd3=4823074&cd5=SAPPHIRE%20-%20Receive%20Fewer%20Emails&cd6=J9V46tJ9LUSkojlqJ4cK1w2&z=830057825
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=2&_u=YGDAgEABAAAAAG~&jid=&gjid=&cid=1020548670.1648053079&tid=UA-28243511-23&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP42%2F1%2F88503&cd3=4823074&cd5=SAPPHIRE%20-%20Receive%20Fewer%20Emails&cd6=J9V46tJ9LUSkojlqJ4cK1w2&z=738022372
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=14&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1020548670.1648053079&tid=UA-28243511-22&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&z=994162877
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=16&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1020548670.1648053079&tid=UA-28243511-22&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&z=2103107230
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=2&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1020548670.1648053079&tid=UA-28243511-22&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&z=1242335956
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=244&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1020548670.1648053079&tid=UA-28243511-22&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&z=1431534241
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1426498577&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FJ9V46tJ9LUSkojlqJ4cK1w2&ul=en-us&de=UTF-8&dt=Elect%20Democrats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=294&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1020548670.1648053079&tid=UA-28243511-22&_gid=1635667895.1648053079&gtm=2wg3e05L2FSL&z=1711704862
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9V46tJ9LUSkojlqJ4cK1w2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 09:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://secure.ngpvan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Wed, 23 Mar 2022 16:31:19 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		98 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9527f6059489464db43e45ce8202b534328cfe6da509196faa464eb0399fecc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
Accept-Language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
B92285D8-B41B-42CB-ACBA-62D4D65D4AA4
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 23 Mar 2022 16:31:20 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
98

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| handleScriptLoadError object| dataLayer number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| Backbone function| _jqjsp object| atLayer object| _gaq object| user object| nvtag_plugins object| e function| t object| Microsoft function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| formview object| gaplugins object| gaGlobal object| gaData

27 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: visid_incap_1392936
Value: l+6Be8ZLQbC2wysS58sdAFVLO2IAAAAAQUIPAAAAAAD760SWB3hcAF1VoQ3cARHB
.ngpvan.com/ Name: nlbi_1392936
Value: LodYHTLFdVJ8qTtA/rqKWQAAAADeCbxx/w3UoQwfl177x03x
.ngpvan.com/ Name: incap_ses_533_1392936
Value: gjH/U+lzqUPcOg/JS5llB1VLO2IAAAAAeDm1zTRVjo/PxO6G1Cgf1Q==
.ngpvan.com/ Name: visid_incap_1002065
Value: IAt7gyCxQG6ZT51M4gyqSVVLO2IAAAAAQUIPAAAAAAB2+8WY8XLU9VPZEVn5z9s6
.ngpvan.com/ Name: nlbi_1002065
Value: vpmAOUQOkHOUmQbs0IOYSwAAAABqw/QPEdmRmiBKYrp35/BB
.ngpvan.com/ Name: incap_ses_533_1002065
Value: r3uMU/mZP0X0Og/JS5llB1ZLO2IAAAAAc2pnfn53GvFr8eEd/ATO6Q==
.secure.ngpvan.com/ Name: TiPMix
Value: 25.8816503108859
.secure.ngpvan.com/ Name: x-ms-routing-name
Value: self
secure.ngpvan.com/ Name: ai_user
Value: ivxN4JRT4ctOp2ZntFSKmU|2022-03-23T16:31:18.908Z
secure.ngpvan.com/ Name: ai_session
Value: Yg8dCY0Hyw0MFD22XIFWsp|1648053079000|1648053079000
.ngpvan.com/ Name: visid_incap_2233503
Value: 6QjsdJHDSOKchWcTnEkhclZLO2IAAAAAQUIPAAAAAADy8UYeDSvcvHcEso6zMY03
.ngpvan.com/ Name: nlbi_2233503
Value: 6kWnK/16OQeu/MDqvIV21QAAAAAynS2FhhX/2HgH+RIYUB18
.ngpvan.com/ Name: incap_ses_533_2233503
Value: yfpMIoZFiBWIPA/JS5llB1ZLO2IAAAAAuMoZZbDqqLGE+jDZqzhrCg==
.profile.ngpvan.com/ Name: TiPMix
Value: 77.36282215585408
.profile.ngpvan.com/ Name: x-ms-routing-name
Value: self
profile.ngpvan.com/ Name: ngpvanuser
Value: txbRf44MzX%24M8UM1DhoudGuh
.ngpvan.com/ Name: _ga
Value: GA1.2.1020548670.1648053079
.ngpvan.com/ Name: ProfileDatabagId
Value: txbRf44MzX$M8UM1DhoudGuh
.ngpvan.com/ Name: _gid
Value: GA1.2.1635667895.1648053079
.ngpvan.com/ Name: _gat_UA-28243511-22
Value: 1
.ngpvan.com/ Name: _dc_gtm_UA-28243511-23
Value: 1
.secure.everyaction.com/ Name: TiPMix
Value: 64.94688604737111
.secure.everyaction.com/ Name: x-ms-routing-name
Value: self
.everyaction.com/ Name: ProfileDatabagId
Value: txbRf44MzX$M8UM1DhoudGuh
.ngpvan.com/ Name: visid_incap_972453
Value: 16ETOHZ0Rx+Jy+qeLc8fnlZLO2IAAAAAQUIPAAAAAABBxIjG+yQas8OIAOZeUY+w
.ngpvan.com/ Name: nlbi_972453
Value: xScTRMYn4XPyW5iEMvukzwAAAADDuBhzTxVfcJ8f+HJLwVXN
.ngpvan.com/ Name: incap_ses_533_972453
Value: N+bjNxK5QG0iPQ/JS5llB1dLO2IAAAAAhZUamkVedpAAy85o5hSngQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
click.ngpvan.com
dc.services.visualstudio.com
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
static.everyaction.com
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
13.69.106.89
18.66.139.100
2600:9000:2490:b400:3:1d53:4780:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9b
2a06:98c1:3120::7
45.60.33.183
52.239.157.138
0e5170a4efe9048cc12b005806f6b413b7437cd28b7aabea52c0ceaa2c0886c5
1911e150efbf29d6fc318ee7d75219ce290a17903088026fcfbb613e4a9f5aeb
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
25fc5b64cd40071ae60624c279109304fc748b0148dc627a650693fb4d26bd07
2c58b2c7fe5efd4a30bf885762886ebf9ee25db1ea25ea4f479d6232c413fe73
3d198a70baad04fecd6c38d201e6c1c9bc852949b4f38d3d9b47f9644ce43b42
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5d60ce49f261c72be59ec3eda251d9f890be64e5f98390633c391ae53ba5b0b6
6ae67ac3f8089a6dd2f0985403612544fcadef64e2cdbdd9a5cc2255a7007cfa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fa3c7c33404df479f5a3a6e9cf71d4fdf8d6688d9811e3bc8ddca4ccad4dc08
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9527f6059489464db43e45ce8202b534328cfe6da509196faa464eb0399fecc1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d3bfe73c7da4924daecf214fab60a027d5125a2a01c8fd7e51b247069f49c1
aa338993b878c5ecd930ebc015c1ed2a40c5325e929127041492a1611b97eaf7
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b7510b177e987fd09c503a53f37da88c5ba761cba2e9bdff08d5909926a87f5e
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
da457125243c2824f0416bf9babb95022f822d302796f2d8bdb0c9639167ed9e
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e2c110f2c40d9168b6a2000fc9aaec3a02494980e6a0f54665e7ca900dbfa34a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f8959eaad1fd9c34f6ee2e17975c3df799a824298d3559b47dd4da3511d3a79e
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318