URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Submission Tags: falconsandbox
Submission: On April 17 via api from US

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 50 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on January 14th 2021. Valid for: a year.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 45.60.33.183 19551 (INCAPSULA)
7 2600:9000:210... 16509 (AMAZON-02)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.239.157.138 8075 (MICROSOFT...)
7 143.204.245.59 16509 (AMAZON-02)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.232.239.219 14618 (AMAZON-AES)
2 51.107.59.180 8075 (MICROSOFT...)
50 13
Domain Requested by
9 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
secure.ngpvan.com
7 js.verygoodvault.com secure.ngpvan.com
js.verygoodvault.com
7 d3rse9xjbp8270.cloudfront.net secure.ngpvan.com
d3rse9xjbp8270.cloudfront.net
7 secure.ngpvan.com secure.ngpvan.com
az416426.vo.msecnd.net
5 use.typekit.net secure.ngpvan.com
use.typekit.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 vgs-collect-keeper.apps.verygood.systems js.verygoodvault.com
2 stats.g.doubleclick.net az416426.vo.msecnd.net
2 profile.ngpvan.com d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
2 www.googletagmanager.com secure.ngpvan.com
d3rse9xjbp8270.cloudfront.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com d3rse9xjbp8270.cloudfront.net
1 az416426.vo.msecnd.net secure.ngpvan.com
1 p.typekit.net use.typekit.net
1 nvlupin.blob.core.windows.net secure.ngpvan.com
50 15

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
Subject Issuer Validity Valid
*.ngpvan.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-01-14 -
2022-01-14
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2021-02-22 -
2022-02-21
a year crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA
2020-01-28 -
2022-02-01
2 years crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02
2021-02-17 -
2022-02-17
a year crt.sh
*.verygoodvault.com
Amazon
2021-03-19 -
2022-04-17
a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
vgs-collect-keeper.apps.verygood.systems
R3
2021-02-18 -
2021-05-19
3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02
2021-03-09 -
2022-03-09
a year crt.sh
*.everyaction.com
RapidSSL TLS RSA CA G1
2020-05-28 -
2022-05-28
2 years crt.sh

This page contains 3 frames:

Primary Page: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Frame ID: 216DF0FE0288C9375C31ACDCEAB53171
Requests: 43 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: F3A9E106A3F5D2666DBB3B74D2EE36DE
Requests: 4 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: 622E12D7D1E0E65A6A3378622243BAA8
Requests: 4 HTTP requests in this frame

Screenshot


Page Statistics

50
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1003 kB
Transfer

2835 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set OC1wKu5tn0O90-kiea46kg2
secure.ngpvan.com/
11 KB
5 KB
Document
General
Full URL
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c8a28de79420d240b67e5b0e5c878c62ffdd15cc5297492ff61a448622c0507b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
secure.ngpvan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Sat, 17 Apr 2021 20:14:04 GMT
Set-Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; expires=Sun, 17 Apr 2022 03:52:20 GMT; HttpOnly; path=/; Domain=.ngpvan.com nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; path=/; Domain=.ngpvan.com incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; path=/; Domain=.ngpvan.com TiPMix=63.0739226765344; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600; Secure; SameSite=None; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600; Secure; SameSite=None; Secure ; Secure; SameSite=None; SameSite=None; Secure
X-CDN
Imperva
Transfer-Encoding
chunked
X-Iinfo
12-359643331-359643339 NNNN CT(81 174 0) RT(1618690443507 29) q(0 0 2 0) r(4 4) U2
at.js
d3rse9xjbp8270.cloudfront.net/
819 KB
232 KB
Script
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a265f576c545ebfe2fc1f094863ef2428c8cc8828f9f485f968cb2a30e23f66

Request headers

Origin
https://secure.ngpvan.com
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 16:19:28 GMT
content-encoding
gzip
age
14083
x-cache
Hit from cloudfront
content-length
236656
access-control-allow-origin
*
last-modified
Tue, 13 Apr 2021 15:03:50 GMT
server
AmazonS3
etag
"742e6af5c335c0799f82ccb8791f4e13"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
rTNfZteIPnkl7inOFnDNwWFIMgAeuz8IOmOfMYl1wIfy8ZSbthas_w==
at.min.css
d3rse9xjbp8270.cloudfront.net/
111 KB
21 KB
Stylesheet
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aa7ee31b0ae288fe00108c6b594bcef04278507b10ec45a721adaf2b0aa8505

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 16:55:43 GMT
content-encoding
gzip
age
69336
x-cache
Hit from cloudfront
content-length
20616
access-control-allow-origin
*
last-modified
Tue, 13 Apr 2021 15:03:50 GMT
server
AmazonS3
etag
"65477bdcdcd8a4c674450327ce80f274"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
VW6dqqoE_W2lF2hO8TK2NardqyQ2Yw9ezJFgM60zdcchzmJDCl-W4w==
uct5oqo.css
use.typekit.net/
14 KB
2 KB
Stylesheet
General
Full URL
https://use.typekit.net/uct5oqo.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d56b1248ba3658f271a72ddd36e27d7858457fd5745e1c3746375b669c0c3414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sat, 17 Apr 2021 20:14:05 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1411
script-error
secure.ngpvan.com/js/
246 B
538 B
Script
General
Full URL
https://secure.ngpvan.com/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.ngpvan.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self
Connection
keep-alive
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:14:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Apr 2021 06:12:09 GMT
X-CDN
Imperva
Content-Type
text/javascript; charset=utf-8
X-Iinfo
12-359643331-0 0CNN RT(1618690443507 475) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=31226286, public
Content-Length
174
Expires
Thu, 14 Apr 2022 06:12:09 GMT
bfa-logo-ngpvan.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP22/1/73762/images/
5 KB
5 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP22/1/73762/images/bfa-logo-ngpvan.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82752d3eb0732adedc9cdcf517ecf99ef28973e35f1a5d4fb73ada059f960802

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 17 Apr 2021 20:14:05 GMT
Last-Modified
Wed, 17 Jul 2019 20:53:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D70AF8D0B51EDE
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
022258a3-801e-0122-01c6-33399b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
4949
AC2nt8erbFu3svSWxmyTZr1b.js
js.verygoodvault.com/vgs-collect/1/
76 KB
24 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Origin
https://secure.ngpvan.com
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding
gzip
ETag
W/"f3cecf4193fb217244937c56bee4b1b6"
Age
133637
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:03:51 GMT
Server
AmazonS3
Date
Fri, 16 Apr 2021 20:17:06 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
FOlMiy8U0fgJQu8Bf-h7Xl7-iLwcRX2oYZgGt_7o1v05gEkGedvJbQ==
_Incapsula_Resource
secure.ngpvan.com/
121 KB
17 KB
Script
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=879077968
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9ed59a79db2ef0b4f9b88f72eb78c5566daf19b1577f7a6964b1837b0ac591e1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.ngpvan.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self
Connection
keep-alive
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
17538
Content-Type
application/javascript
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=uct5oqo&ht=tk&f=4455.4616.5018.5045.25326.25327.36601.36602.36603.36604.36607.36608.36617.36618.36623.36624.36633.36634.36639.36640&a=454898&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:68a::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
last-modified
Wed, 02 Sep 2020 04:05:58 GMT
server
nginx
etag
"5f4f1a26-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/
110 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4d3b9210382b816abc1445d605f74fc3a09fceebbe6c357e5745f8b192457ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38689
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Apr 2021 20:14:05 GMT
l
use.typekit.net/af/359d41/00000000000000003b9b0eea/27/
36 KB
36 KB
Font
General
Full URL
https://use.typekit.net/af/359d41/00000000000000003b9b0eea/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
59c6a30bdc96ca4359841d35f675fb2b752432749d49f463b9324a34c4db5bdf

Request headers

Origin
https://secure.ngpvan.com
Referer
https://use.typekit.net/uct5oqo.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
server
nginx
etag
"2d0a530caf015fc6f3e73559ee975f836e479656"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36920
l
use.typekit.net/af/3bd84d/00000000000000003b9b0ee4/27/
36 KB
36 KB
Font
General
Full URL
https://use.typekit.net/af/3bd84d/00000000000000003b9b0ee4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8fe0e0eb99aaed1e886a2c942bd56ee4f8ae929f9d4bd9c695dc05c28837ccc

Request headers

Origin
https://secure.ngpvan.com
Referer
https://use.typekit.net/uct5oqo.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
server
nginx
etag
"b277cd7c7bafa67136120009a2a8960d95cb675f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36668
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
117 KB
38 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5B) /
Resource Hash
452738d27c3d427f83805f29a3ea0766761dc96fe0ea8f945e21ca67ace805ab

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 20:14:05 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
o5N/xOXHlfS1k41blJGwlA==
age
1229
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.6.1.min.js
content-length
38154
x-ms-lease-status
unlocked
last-modified
Tue, 30 Mar 2021 20:21:05 GMT
server
ECAcc (frc/8F5B)
x-ms-meta-aijssdkver
2.6.1
etag
0x8D8F3B958AE018D
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6ddff5de-f01e-001c-09c3-33ba15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
expires
Sat, 17 Apr 2021 20:44:05 GMT
_Incapsula_Resource
secure.ngpvan.com/
1 B
123 B
Image
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.41752912431779365
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.ngpvan.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ___utmvc=eaCEcPJ02CIA9y1n1MNF98YAWdnFjPdygjt8SR8o99Eqff+wxS5VQQ+LNzyoybbAKIxFOxv01FLb0Ysdyrj6o8RAZfm6yBe/EUIGpvLhybbHL52VBtT1PsUamAIbM9vzSF1/fZWQZIYncQZR4ATAihJFXEVThmr8u+q6HFOpD3aOb8zTcEm66vjNhaJ3McMJ3VamiWgt8erEdcQiluO5Eqk0ZTDCAR//6bKPzaR8xkDerSSBrSP/lO9gw5vfEhtpKpbjgh25ib6ZUd80WRzXDVMaae9IScNodm+7XkNLNj/cl0PrZTc6qQfGYiJXPlFHiTQgaay1tAQBvRfmLlnvKEs0qejs4hPQqqJJxSqMKN8XdBzl8RL7PeN83zNqfSZLCcDl14rI7VM7xOsBDQ0Jnxnn9VauywwCzbsHtrJOkok4uVyTc/kZpZ5T4OYDHyMjgFNzVmST7bXUlJBHvgZMhC9on8whk5VHnTnMCT+f6Qz7pJefs9zfgCD7+kNBqe7BoAWhawIKkh2XsMoXkwor94i1yOyqW9RkWzPSUAeLvr4kDmGKkRzb/Jtiz8I/ldXddoyhc6hn9I9jy8xWvNNkuPBm+G56yHrEZ5ZmKZVhVwjUXkDOvDiG2Bo9TrwwS5S16JGWJ2g9WszV2IpLWO181kGKOL+72GPs2gUHU00nFrd3R48BuJwQRP/Zg20xLYg24/uBRMv+7o67GE46U24uMuZOqwklKRluH2SQuoy9Sq/VMPFVQX6JX0EeRD6x1d7Lkh2vlHEi/fI3kF+41ZpalKbwj+C2KrYgYhzK8J80v0IS8FDOH4TX0/XoYmCpk4HUGcGzToNWWzt0M7C4ZwEQbFsMgI3Ob4A6silZrrsKYJYpX5BZ8VoCOOn0TwEpUt0kgeFcvzCE6VSMG0rjxUBUBjfWZiKkE2n4tY2fBtF+C1wN7zrhJf21FIc+nW+wL5KfD6OoqsxJnhmGZnLxhUyCFuuowa4MYuONsqsLiytgGhD08zipHnq9spPjN4pFvdMp09TY3/1LdKRwsn67M7Hl5AQ+dzxjZaMIc+GMSjpvZI0M8ULB3zmjzLq9btQXwPovzudxRORi6iQP+mTs8IHQAGcbtO2GcvTSb4/x/8pnKOVgMU+eKaF6lV2RUMH3mL9yf+Qs+M610sqDnlVgS1/7YuTgaqyikiZFues42sZh4m8SeAU5YCwfqVURKaw4TNDbKEjLQTxXj11megXcIQafTc2MX+6CYiqJTgWaSLiVWG+IkUEfhf6KRpqKXXjV0g8l0WZ0rItw4TBQY0QRZrjlyV2ftrzkIOko0zGRMVZrCGVxovxBphkr8v5UDZbOvKanPOmNT2U8EgnmWOXbSuA+DTurEGWn3Np4lf37yUlRiz7gBGRL/GNkzurU7IfG1j9jjAQr5sBtpHXrwI45CePfWMcFbzNcWAW6L2lU9MirQBKDViwrKUeHcC5Uno7oZdAPd6o/uKEFHwsz0bZsphz4Mqnr9hVdCC6ULksqQ8NpO8ZFTh7/W9CZW17hTCd+7lzZZu3m4hnZTnDcv6r4JnEuH9Wj/nhGMqSRhjrGW6eswWv+hBE1PR5bJxt5ovyOsFOtit5ju51IglE+p9iFe7yD1Bi1MMrRlnS4ThRXXWQDt5TDBY82xvHjnNNfLi/tMD4cYcBVY26uAoApMx4mAIJxslrM+tsRMeeKzEiKu8mb37IZwwe6kvbZ91SfH+8P/nfxhRUbFIy98ZtUuqZ8/r3cwcImsYSxzxgOiPQ2f73qW0V63A+lhSM6hc86wiRFLaZ27raXf/bhx5pGwhKzPsAk2XxrcxeQqm1kvbrMGwKltxpknIrkgVjlh46I2DiNXZKnyVjXxYdpny8y3USMk+qtiN6LCrzvTlVbN4cAs7JekPbKUalqYUOhvdKwSNZoIX247WewFDdxLuua4vWKOsia4tf82sWDepgb6jRr8l93gMZPG5C2KJZptWyqrGfPqARgAf2BHOun5LJ2TKIuGvOpT3IPuKpZLH5w0x0I4hAoj3YxgDfLKk5MpAj170oT2cjiLGRpZ2VzdD0xNDAxODYscz02M2E0N2Y3MzllYTVhOTY3NjQ3NDg5YTA4NjY1NzhhOWFjN2RhMTlmOTI5ZjkwNmE3ZTk2OTE2YTg1YTA4N2FlODhhYjZiNjY3YjliNmQ2ZQ==
Connection
keep-alive
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
identity
profile.ngpvan.com/
72 B
1 KB
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
e5ea29f4f5e03c400ba5f4a342f1bf1f2bc5e4c34f7b5d7be5008fe8eb525e15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
10-266171161-266171162 2NNN RT(1618690444461 0) q(0 0 0 0) r(2 2)
x-cdn
Imperva
content-type
text/javascript; charset=utf-8
content-length
190
etag
W/"48-TYIdzw/9E5HsBXtQ6FWjl+dgj9c"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
gtm.js
www.googletagmanager.com/
101 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f04a808d58daa30b9d17e72d31baa4ceb4be3f9a3b13f7d23f202c1aacc98c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36382
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Apr 2021 20:14:05 GMT
extra.min.css
d3rse9xjbp8270.cloudfront.net/
92 KB
16 KB
Stylesheet
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf59326a4d95e837dd9e10a0e55474d6c3de3c82ad092a057f6eed1f190502cc

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 16:19:28 GMT
content-encoding
gzip
age
71418
x-cache
Hit from cloudfront
content-length
15885
access-control-allow-origin
*
last-modified
Tue, 13 Apr 2021 15:03:50 GMT
server
AmazonS3
etag
"805d21f0cf3743a20359c333a7dfffbf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
wR7TiBosirer5XOAZs_1Ambs_O-jXNxmtkp04A7KsWwECqNeUudMFw==
Cookie set OC1wKu5tn0O90-kiea46kg2
secure.ngpvan.com/v1/Forms/
19 KB
7 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/OC1wKu5tn0O90-kiea46kg2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ffecb926894dabfee9536fd1f61cff12d1ce2470cf3e285bb2a9c6453298e2b2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
traceparent
00-c54fc36c4c3f430686068b4b85b3749b-aa4fbdc8ee6f4781-01
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ___utmvc=eaCEcPJ02CIA9y1n1MNF98YAWdnFjPdygjt8SR8o99Eqff+wxS5VQQ+LNzyoybbAKIxFOxv01FLb0Ysdyrj6o8RAZfm6yBe/EUIGpvLhybbHL52VBtT1PsUamAIbM9vzSF1/fZWQZIYncQZR4ATAihJFXEVThmr8u+q6HFOpD3aOb8zTcEm66vjNhaJ3McMJ3VamiWgt8erEdcQiluO5Eqk0ZTDCAR//6bKPzaR8xkDerSSBrSP/lO9gw5vfEhtpKpbjgh25ib6ZUd80WRzXDVMaae9IScNodm+7XkNLNj/cl0PrZTc6qQfGYiJXPlFHiTQgaay1tAQBvRfmLlnvKEs0qejs4hPQqqJJxSqMKN8XdBzl8RL7PeN83zNqfSZLCcDl14rI7VM7xOsBDQ0Jnxnn9VauywwCzbsHtrJOkok4uVyTc/kZpZ5T4OYDHyMjgFNzVmST7bXUlJBHvgZMhC9on8whk5VHnTnMCT+f6Qz7pJefs9zfgCD7+kNBqe7BoAWhawIKkh2XsMoXkwor94i1yOyqW9RkWzPSUAeLvr4kDmGKkRzb/Jtiz8I/ldXddoyhc6hn9I9jy8xWvNNkuPBm+G56yHrEZ5ZmKZVhVwjUXkDOvDiG2Bo9TrwwS5S16JGWJ2g9WszV2IpLWO181kGKOL+72GPs2gUHU00nFrd3R48BuJwQRP/Zg20xLYg24/uBRMv+7o67GE46U24uMuZOqwklKRluH2SQuoy9Sq/VMPFVQX6JX0EeRD6x1d7Lkh2vlHEi/fI3kF+41ZpalKbwj+C2KrYgYhzK8J80v0IS8FDOH4TX0/XoYmCpk4HUGcGzToNWWzt0M7C4ZwEQbFsMgI3Ob4A6silZrrsKYJYpX5BZ8VoCOOn0TwEpUt0kgeFcvzCE6VSMG0rjxUBUBjfWZiKkE2n4tY2fBtF+C1wN7zrhJf21FIc+nW+wL5KfD6OoqsxJnhmGZnLxhUyCFuuowa4MYuONsqsLiytgGhD08zipHnq9spPjN4pFvdMp09TY3/1LdKRwsn67M7Hl5AQ+dzxjZaMIc+GMSjpvZI0M8ULB3zmjzLq9btQXwPovzudxRORi6iQP+mTs8IHQAGcbtO2GcvTSb4/x/8pnKOVgMU+eKaF6lV2RUMH3mL9yf+Qs+M610sqDnlVgS1/7YuTgaqyikiZFues42sZh4m8SeAU5YCwfqVURKaw4TNDbKEjLQTxXj11megXcIQafTc2MX+6CYiqJTgWaSLiVWG+IkUEfhf6KRpqKXXjV0g8l0WZ0rItw4TBQY0QRZrjlyV2ftrzkIOko0zGRMVZrCGVxovxBphkr8v5UDZbOvKanPOmNT2U8EgnmWOXbSuA+DTurEGWn3Np4lf37yUlRiz7gBGRL/GNkzurU7IfG1j9jjAQr5sBtpHXrwI45CePfWMcFbzNcWAW6L2lU9MirQBKDViwrKUeHcC5Uno7oZdAPd6o/uKEFHwsz0bZsphz4Mqnr9hVdCC6ULksqQ8NpO8ZFTh7/W9CZW17hTCd+7lzZZu3m4hnZTnDcv6r4JnEuH9Wj/nhGMqSRhjrGW6eswWv+hBE1PR5bJxt5ovyOsFOtit5ju51IglE+p9iFe7yD1Bi1MMrRlnS4ThRXXWQDt5TDBY82xvHjnNNfLi/tMD4cYcBVY26uAoApMx4mAIJxslrM+tsRMeeKzEiKu8mb37IZwwe6kvbZ91SfH+8P/nfxhRUbFIy98ZtUuqZ8/r3cwcImsYSxzxgOiPQ2f73qW0V63A+lhSM6hc86wiRFLaZ27raXf/bhx5pGwhKzPsAk2XxrcxeQqm1kvbrMGwKltxpknIrkgVjlh46I2DiNXZKnyVjXxYdpny8y3USMk+qtiN6LCrzvTlVbN4cAs7JekPbKUalqYUOhvdKwSNZoIX247WewFDdxLuua4vWKOsia4tf82sWDepgb6jRr8l93gMZPG5C2KJZptWyqrGfPqARgAf2BHOun5LJ2TKIuGvOpT3IPuKpZLH5w0x0I4hAoj3YxgDfLKk5MpAj170oT2cjiLGRpZ2VzdD0xNDAxODYscz02M2E0N2Y3MzllYTVhOTY3NjQ3NDg5YTA4NjY1NzhhOWFjN2RhMTlmOTI5ZjkwNmE3ZTk2OTE2YTg1YTA4N2FlODhhYjZiNjY3YjliNmQ2ZQ==
Connection
keep-alive
Request-Id
|c54fc36c4c3f430686068b4b85b3749b.aa4fbdc8ee6f4781
Pragma
no-cache
Host
secure.ngpvan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Sec-Fetch-Site
same-origin
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
X-Requested-With
XMLHttpRequest
traceparent
00-c54fc36c4c3f430686068b4b85b3749b-aa4fbdc8ee6f4781-01
Request-Id
|c54fc36c4c3f430686068b4b85b3749b.aa4fbdc8ee6f4781
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Imperva
Transfer-Encoding
chunked
X-Iinfo
12-359643331-359643339 SNNN RT(1618690443507 911) q(0 0 0 -1) r(1 1) U2
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma
no-cache
Last-Modified
Sat, 17 Apr 2021 20:14:05 GMT
Date
Sat, 17 Apr 2021 20:14:04 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
ETag
"e081e7a5-c937-429c-8a0b-2592326e61bd"
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie
___utmvc=a; Max-Age=0; path=/; expires=Sun, 28 Mar 2021 03:31:54 GMT ; Secure; SameSite=None; SameSite=None; Secure
Expires
-1
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
1063
date
Sat, 17 Apr 2021 19:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 17 Apr 2021 21:56:22 GMT
identity
fastaction.ngpvan.com/api/v1/
186 B
1 KB
Script
General
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1618690445499=
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
37ef272b0a57c3a8c07f26a17ed50dea0efe7b92088fd1c915c27697285c9ded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
via
1.1 vegur
x-content-type-options
nosniff
server
Cowboy
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
10-266171197-266171198 NNYN CT(76 173 0) RT(1618690444612 0) q(0 0 2 0) r(4 4) U18
cache-control
max-age=0
date
Sat, 17 Apr 2021 20:14:05 GMT
etag
W/"ba-jUUTU7k3AB6ofknF/Y2zAYOywqo"
content-type
text/javascript; charset=utf-8
x-cdn
Imperva
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/
94 KB
95 KB
Font
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Origin
https://secure.ngpvan.com
Referer
https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:37:56 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
age
2296
x-cache
Hit from cloudfront
content-length
96388
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"aca35251952e72d9e32d41217f0f97ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
IkWQ9kXFcYg7tcTP4NhuVjhPVDNglieShEOGV8ZtboZVSspuHl8e3g==
l
use.typekit.net/af/e69b71/00000000000000003b9b0ee6/27/
36 KB
36 KB
Font
General
Full URL
https://use.typekit.net/af/e69b71/00000000000000003b9b0ee6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b319f28c8906276368c953984303f7769aaa9c4a1f4880b39a07992536ba7a29

Request headers

Origin
https://secure.ngpvan.com
Referer
https://use.typekit.net/uct5oqo.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
server
nginx
etag
"b24ceaf907bd43dca3139d51fc7f8f6f1c1d4f33"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
36620
l
use.typekit.net/af/cf8ade/000000000000000000017201/27/
11 KB
11 KB
Font
General
Full URL
https://use.typekit.net/af/cf8ade/000000000000000000017201/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
514c7781614237bd5a047e9f22f5bde4e265e4fc440ae89bea4120115c68d4aa

Request headers

Origin
https://secure.ngpvan.com
Referer
https://use.typekit.net/uct5oqo.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:05 GMT
server
nginx
etag
"b31b687b5da8dee7082af4f5346b0bf1266c4705"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11220
intl-tel.input.utils.js
d3rse9xjbp8270.cloudfront.net/assets/js/
229 KB
52 KB
Script
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 01:56:59 GMT
content-encoding
gzip
age
5768227
x-cache
Hit from cloudfront
content-length
52457
access-control-allow-origin
*
last-modified
Thu, 03 Oct 2019 17:12:46 GMT
server
AmazonS3
etag
"0e171f16b707862d9a5a9168f0edc967"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
5Hgflw-XBZZEj9NDWXHmt5JJcSQcG2ebD18HGTnp4Dqmx7t05UT-2Q==
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/
20 KB
20 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 01:52:41 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
age
3349285
x-cache
Hit from cloudfront
content-length
20389
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
hYr35s0wLLfYXOX6YFkabnqOMRlKnEz5fc5U8kIjNAklKJL_Tb12rw==
Cookie set OC1wKu5tn0O90-kiea46kg2
secure.ngpvan.com/v1/Track/
0
628 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/OC1wKu5tn0O90-kiea46kg2?formSessionId=1809b1c3-9222-413e-8764-b6c1f6cecbda
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.ngpvan.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ai_session=YvnBok4UHB3npKbKIUmuyJ|1618690445393|1618690445393
Connection
keep-alive
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Imperva
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Date
Sat, 17 Apr 2021 20:14:04 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
12-359643331-359643339 SNNN RT(1618690443507 1159) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie
; Secure; SameSite=None; SameSite=None; Secure
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/
9 KB
9 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 21:03:52 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
age
83414
x-cache
Hit from cloudfront
content-length
9203
last-modified
Wed, 08 Jan 2020 18:06:45 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
oZCki-4tKcmm14zZsyOhVsEKG8nICFtOD0bEQRxKJUqYv9cqa3w5qg==
index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame F3A9
364 B
910 B
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077

Request headers

Host
js.verygoodvault.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://secure.ngpvan.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

Content-Type
text/html
Content-Length
364
Connection
keep-alive
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id
Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges
bytes
Server
AmazonS3
Access-Control-Allow-Origin
*
Date
Sat, 17 Apr 2021 16:55:01 GMT
ETag
"9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache
Hit from cloudfront
Via
1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
UqaqskBtR0GvBJYJu2Aabv4DXnZKLK36WypiIwyi1ciYRrVzpEhY-A==
Age
67736
index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame 622E
364 B
910 B
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077

Request headers

Host
js.verygoodvault.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://secure.ngpvan.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

Content-Type
text/html
Content-Length
364
Connection
keep-alive
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id
Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges
bytes
Server
AmazonS3
Access-Control-Allow-Origin
*
Date
Sat, 17 Apr 2021 16:55:01 GMT
ETag
"9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache
Hit from cloudfront
Via
1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
3Yctvo1zgzvGxQaR9aWVlg6PBb5gYwg6jo4NrtotCddH2v8YT85_ww==
Age
67736
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=165&_u=YEBAAEABAAAAAC~&jid=365352876&gjid=388532689&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&_r=1&gtm=2wg4725L2FSL&z=389668125
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:14:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1782580567&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EventForm&ea=Form%20Load&el=Minimal&ev=16&_u=YEDAAEABAAAAAC~&jid=1861763817&gjid=657439259&cid=1755574894.1618690446&tid=UA-28243511-20&_gid=690850052.1618690446&_r=1&gtm=2wg4725L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP22%2F1%2F73762&cd4=1004054&cd5=092319BOCHI&cd6=OC1wKu5tn0O90-kiea46kg2&z=328663614
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:14:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-28243511-20&cid=1755574894.1618690446&jid=1024495874&gjid=1225376666&_gid=690850052.1618690446&_u=YGDAgEABAAAAAG~&z=1465148742
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 17 Apr 2021 20:14:05 GMT
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=1024495874&gjid=1225376666&cid=1755574894.1618690446&tid=UA-28243511-20&_gid=690850052.1618690446&gtm=2wg4725L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP22%2F1%2F73762&cd4=1004054&cd5=092319BOCHI&cd6=OC1wKu5tn0O90-kiea46kg2&z=1415887527
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=9&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=1610559512
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=65&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=1797279859
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=4&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=537240269
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=246&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=308629233
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=275&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=764292138
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
nvtag
profile.ngpvan.com/v2/data/7nz6idAD5C0ojLLaoiczAOQt/
2 B
943 B
XHR
General
Full URL
https://profile.ngpvan.com/v2/data/7nz6idAD5C0ojLLaoiczAOQt/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:14:06 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
12-359643660-359643668 NNNN CT(0 0 2) RT(1618690445019 0) q(0 0 4 24) r(4 4) U12
access-control-allow-credentials
true
content-length
123
x-cdn
Imperva
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-28243511-20&cid=1755574894.1618690446&jid=1861763817&gjid=657439259&_gid=690850052.1618690446&_u=YEDAAEABAAAAAC~&z=88050586
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 17 Apr 2021 20:14:05 GMT
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
application.79e1c4bdbd2f9f27a4a3.css
js.verygoodvault.com/vgs-collect/1/lib/ Frame 622E
74 KB
30 KB
Stylesheet
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.css
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cCbufO_ebum5aJCKWyZMP79Y8Ljox1pp
Content-Encoding
gzip
ETag
W/"82263942809c4598900333534c8d15f9"
Age
110038
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
Server
AmazonS3
Date
Sat, 17 Apr 2021 05:56:07 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
PrsXOUxCOWKPIluZxY9Qpy80dWWuiSfrXb5D9HTDUWaD1sAV0AnuDA==
application.79e1c4bdbd2f9f27a4a3.js
js.verygoodvault.com/vgs-collect/1/lib/ Frame 622E
285 KB
88 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
u5eKO1e1oOiq8Z45mqgA.YXfbeZi8_AD
Content-Encoding
gzip
ETag
W/"cc5465b1fe8ef0d6a02482a43c893d62"
Age
55352
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
Server
AmazonS3
Date
Sat, 17 Apr 2021 18:12:52 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
imyXrlP4Xpw-RDkF9XgEkQBj-2Ioh9Qa6OJ4C2z69mjKn-LI45SgmA==
application.79e1c4bdbd2f9f27a4a3.css
js.verygoodvault.com/vgs-collect/1/lib/ Frame F3A9
74 KB
30 KB
Stylesheet
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.css
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cCbufO_ebum5aJCKWyZMP79Y8Ljox1pp
Content-Encoding
gzip
ETag
W/"82263942809c4598900333534c8d15f9"
Age
110038
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
Server
AmazonS3
Date
Sat, 17 Apr 2021 05:56:07 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
LvZ5zKPYkh4dmyGN-wvPKGULiCkDBvClgUBVkpvGb1FRWK92dkCUuw==
application.79e1c4bdbd2f9f27a4a3.js
js.verygoodvault.com/vgs-collect/1/lib/ Frame F3A9
285 KB
88 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-59.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
u5eKO1e1oOiq8Z45mqgA.YXfbeZi8_AD
Content-Encoding
gzip
ETag
W/"cc5465b1fe8ef0d6a02482a43c893d62"
Age
55352
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
Server
AmazonS3
Date
Sat, 17 Apr 2021 18:12:52 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
EQkzoQfU23DP4bNQzpvEHk_vnjdwXmXQkJjghhPCD7S3oOEOYf6QRQ==
vgs
vgs-collect-keeper.apps.verygood.systems/ Frame 622E
0
156 B
XHR
General
Full URL
https://vgs-collect-keeper.apps.verygood.systems/vgs
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.239.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-239-219.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.verygoodvault.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.verygoodvault.com
date
Sat, 17 Apr 2021 20:14:06 GMT
vary
Origin
x-powered-by
Express
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
vgs
vgs-collect-keeper.apps.verygood.systems/ Frame F3A9
0
157 B
XHR
General
Full URL
https://vgs-collect-keeper.apps.verygood.systems/vgs
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.239.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-239-219.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.verygoodvault.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.verygoodvault.com
date
Sat, 17 Apr 2021 20:14:06 GMT
vary
Origin
x-powered-by
Express
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://secure.ngpvan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 20:14:06 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
98 B
237 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
D2C4843F-232F-4D05-A0E3-812A4BEEA112
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 20:14:07 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
98
7nz6idAD5C0ojLLaoiczAOQt
secure.everyaction.com/Databag/Profile/
0
1 KB
XHR
General
Full URL
https://secure.everyaction.com/Databag/Profile/7nz6idAD5C0ojLLaoiczAOQt
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Sat, 17 Apr 2021 20:14:06 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://secure.ngpvan.com
X-Iinfo
12-359643745-359643753 NNNN CT(78 152 0) RT(1618690445565 38) q(0 0 2 4) r(3 3) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Cookie set 7nz6idAD5C0ojLLaoiczAOQt
secure.ngpvan.com/Databag/Profile/
0
726 B
XHR
General
Full URL
https://secure.ngpvan.com/Databag/Profile/7nz6idAD5C0ojLLaoiczAOQt
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.ngpvan.com
traceparent
00-c54fc36c4c3f430686068b4b85b3749b-d403afa2b84f4029-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept-Language
en-US
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie
visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ai_session=YvnBok4UHB3npKbKIUmuyJ|1618690445393|1618690445393; visid_incap_2233503=e6R+rOPrRFCnRGWJwcXjQ4xBe2AAAAAAQUIPAAAAAABU5m86t3rLuzvFcGTYFu16; incap_ses_9153_2233503=xA+DPqIFsEfakpJmJP0Ff4xBe2AAAAAApp9113hrR2+zcstbgB2wHw==; nlbi_2233503=FuQJT15kTmc0vS2HvIV21QAAAAATBffKHi4ZDl1Sy5Ta62FK; _ga=GA1.2.1755574894.1618690446; _gid=GA1.2.690850052.1618690446; _gat_UA-28243511-22=1; _gat_UA-28243511-20=1; _dc_gtm_UA-28243511-20=1; visid_incap_972453=vW2QdghlRC6CfWvWAR8G04xBe2AAAAAAQUIPAAAAAACGXvZgznXJLsIg4w+wsUoy; nlbi_972453=bgcuE6hyxF0IyyhgMvukzwAAAAD3jPa2y10btrNDcEVZ9cPU; incap_ses_9153_972453=09IeS+6HYzoGk5JmJP0Ff41Be2AAAAAAVzLT4rRvFYaTFqjPP36gXQ==
Connection
keep-alive
Request-Id
|c54fc36c4c3f430686068b4b85b3749b.d403afa2b84f4029
Accept
*/*
Referer
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
traceparent
00-c54fc36c4c3f430686068b4b85b3749b-d403afa2b84f4029-01
Request-Id
|c54fc36c4c3f430686068b4b85b3749b.d403afa2b84f4029
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Sat, 17 Apr 2021 20:14:05 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
12-359643331-359643339 SNNN RT(1618690443507 2017) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie
ProfileDatabagId=7nz6idAD5C0ojLLaoiczAOQt; domain=.ngpvan.com; expires=Thu, 17-Apr-2031 20:14:06 GMT; path=/; Secure; SameSite=None; SameSite=None; Secure
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| handleScriptLoadError object| dataLayer object| google_tag_manager object| e function| t object| Microsoft function| __assign function| __extends number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| Backbone function| _jqjsp object| atLayer object| _gaq object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| google_tag_data string| GoogleAnalyticsObject function| ga object| formview object| gaplugins object| gaGlobal object| gaData object| intlTelInputUtils

18 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: _gat_UA-28243511-22
Value: 1
.ngpvan.com/ Name: _gid
Value: GA1.2.690850052.1618690446
.ngpvan.com/ Name: _ga
Value: GA1.2.1755574894.1618690446
.ngpvan.com/ Name: nlbi_972453
Value: bgcuE6hyxF0IyyhgMvukzwAAAAD3jPa2y10btrNDcEVZ9cPU
.ngpvan.com/ Name: visid_incap_2233503
Value: e6R+rOPrRFCnRGWJwcXjQ4xBe2AAAAAAQUIPAAAAAABU5m86t3rLuzvFcGTYFu16
.ngpvan.com/ Name: nlbi_2233503
Value: FuQJT15kTmc0vS2HvIV21QAAAAATBffKHi4ZDl1Sy5Ta62FK
.ngpvan.com/ Name: _dc_gtm_UA-28243511-20
Value: 1
secure.ngpvan.com/ Name: ai_session
Value: YvnBok4UHB3npKbKIUmuyJ|1618690445393|1618690445393
.ngpvan.com/ Name: _gat_UA-28243511-20
Value: 1
secure.ngpvan.com/ Name: ai_user
Value: w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z
.ngpvan.com/ Name: incap_ses_9153_1002065
Value: 4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==
.secure.ngpvan.com/ Name: TiPMix
Value: 63.0739226765344
.ngpvan.com/ Name: visid_incap_972453
Value: vW2QdghlRC6CfWvWAR8G04xBe2AAAAAAQUIPAAAAAACGXvZgznXJLsIg4w+wsUoy
.secure.ngpvan.com/ Name: x-ms-routing-name
Value: self
.ngpvan.com/ Name: incap_ses_9153_2233503
Value: xA+DPqIFsEfakpJmJP0Ff4xBe2AAAAAApp9113hrR2+zcstbgB2wHw==
.ngpvan.com/ Name: incap_ses_9153_972453
Value: 09IeS+6HYzoGk5JmJP0Ff41Be2AAAAAAVzLT4rRvFYaTFqjPP36gXQ==
.ngpvan.com/ Name: nlbi_1002065
Value: VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M
.ngpvan.com/ Name: visid_incap_1002065
Value: ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3

6 Console Messages

Source Level URL
Text
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Downloading: 165.023193359375 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Processing: 8.382080078125 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Render: 64.008056640625 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Fill: 3.96728515625 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Form: 245.44580078125 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Total: 274.775146484375 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
p.typekit.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
use.typekit.net
vgs-collect-keeper.apps.verygood.systems
www.google-analytics.com
www.googletagmanager.com
143.204.245.59
18.232.239.219
2600:9000:2104:2800:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:400c:c0d::9b
2a02:26f0:1700:68a::19fd
2a02:26f0:6c00::210:ba3b
45.60.33.183
51.107.59.180
52.239.157.138
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6
2aa7ee31b0ae288fe00108c6b594bcef04278507b10ec45a721adaf2b0aa8505
37ef272b0a57c3a8c07f26a17ed50dea0efe7b92088fd1c915c27697285c9ded
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452738d27c3d427f83805f29a3ea0766761dc96fe0ea8f945e21ca67ace805ab
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
4a265f576c545ebfe2fc1f094863ef2428c8cc8828f9f485f968cb2a30e23f66
514c7781614237bd5a047e9f22f5bde4e265e4fc440ae89bea4120115c68d4aa
59c6a30bdc96ca4359841d35f675fb2b752432749d49f463b9324a34c4db5bdf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
82752d3eb0732adedc9cdcf517ecf99ef28973e35f1a5d4fb73ada059f960802
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
9ed59a79db2ef0b4f9b88f72eb78c5566daf19b1577f7a6964b1837b0ac591e1
b319f28c8906276368c953984303f7769aaa9c4a1f4880b39a07992536ba7a29
b4d3b9210382b816abc1445d605f74fc3a09fceebbe6c357e5745f8b192457ea
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
c8a28de79420d240b67e5b0e5c878c62ffdd15cc5297492ff61a448622c0507b
c8fe0e0eb99aaed1e886a2c942bd56ee4f8ae929f9d4bd9c695dc05c28837ccc
cf59326a4d95e837dd9e10a0e55474d6c3de3c82ad092a057f6eed1f190502cc
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d56b1248ba3658f271a72ddd36e27d7858457fd5745e1c3746375b669c0c3414
d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea29f4f5e03c400ba5f4a342f1bf1f2bc5e4c34f7b5d7be5008fe8eb525e15
f04a808d58daa30b9d17e72d31baa4ceb4be3f9a3b13f7d23f202c1aacc98c7f
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc
ffecb926894dabfee9536fd1f61cff12d1ce2470cf3e285bb2a9c6453298e2b2