secure.ngpvan.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Submission Tags: falconsandbox
Submission: On April 17 via api (April 17th 2021, 8:14:23 pm UTC) from US

Summary HTTP 50 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 50 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on January 14th 2021. Valid for: a year.

This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
7	2600:9000:210... 2600:9000:2104:2800:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba3b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	143.204.245.59 143.204.245.59	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:170... 2a02:26f0:1700:68a::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
2	18.232.239.219 18.232.239.219	14618 (AMAZON-AES) (AMAZON-AES)
2	51.107.59.180 51.107.59.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
50	13

11 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2104:2800:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba3b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.245.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-59.cph50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:68a::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.239.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-239-219.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ngpvan.com secure.ngpvan.com profile.ngpvan.com fastaction.ngpvan.com	35 KB
9	google-analytics.com www.google-analytics.com	20 KB
7	verygoodvault.com js.verygoodvault.com	263 KB
7	cloudfront.net d3rse9xjbp8270.cloudfront.net	444 KB
6	typekit.net use.typekit.net p.typekit.net	121 KB
2	visualstudio.com dc.services.visualstudio.com	237 B
2	verygood.systems vgs-collect-keeper.apps.verygood.systems	313 B
2	doubleclick.net stats.g.doubleclick.net	511 B
2	googletagmanager.com www.googletagmanager.com	74 KB
1	everyaction.com secure.everyaction.com	1 KB
1	msecnd.net az416426.vo.msecnd.net	38 KB
1	windows.net nvlupin.blob.core.windows.net	5 KB
50	12

	Domain	Requested by
9	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net secure.ngpvan.com
7	js.verygoodvault.com	secure.ngpvan.com js.verygoodvault.com
7	d3rse9xjbp8270.cloudfront.net	secure.ngpvan.com d3rse9xjbp8270.cloudfront.net
7	secure.ngpvan.com	secure.ngpvan.com az416426.vo.msecnd.net
5	use.typekit.net	secure.ngpvan.com use.typekit.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	vgs-collect-keeper.apps.verygood.systems	js.verygoodvault.com
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
2	www.googletagmanager.com	secure.ngpvan.com d3rse9xjbp8270.cloudfront.net
1	secure.everyaction.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	az416426.vo.msecnd.net	secure.ngpvan.com
1	p.typekit.net	use.typekit.net
1	nvlupin.blob.core.windows.net	secure.ngpvan.com
50	15

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com

Subject Issuer	Validity	Valid
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-14` - `2022-01-14`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-02-17` - `2022-02-17`	a year	crt.sh
*.verygoodvault.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
vgs-collect-keeper.apps.verygood.systems R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.everyaction.com RapidSSL TLS RSA CA G1	`2020-05-28` - `2022-05-28`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Frame ID: 216DF0FE0288C9375C31ACDCEAB53171
Requests: 43 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: F3A9E106A3F5D2666DBB3B74D2EE36DE
Requests: 4 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: 622E12D7D1E0E65A6A3378622243BAA8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

50
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1003 kB
Transfer

2835 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set OC1wKu5tn0O90-kiea46kg2 Show response
secure.ngpvan.com/ 11 KB
5 KB 522ms
441ms Document
text/html 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c8a28de79420d240b67e5b0e5c878c62ffdd15cc5297492ff61a448622c0507b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secure.ngpvan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Sat, 17 Apr 2021 20:14:04 GMT
Set-Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; expires=Sun, 17 Apr 2022 03:52:20 GMT; HttpOnly; path=/; Domain=.ngpvan.com nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; path=/; Domain=.ngpvan.com incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; path=/; Domain=.ngpvan.com TiPMix=63.0739226765344; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600; Secure; SameSite=None; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600; Secure; SameSite=None; Secure ; Secure; SameSite=None; SameSite=None; Secure
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-359643331-359643339 NNNN CT(81 174 0) RT(1618690443507 29) q(0 0 2 0) r(4 4) U2

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 819 KB
232 KB 228ms
141ms Script
application/javascript 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a265f576c545ebfe2fc1f094863ef2428c8cc8828f9f485f968cb2a30e23f66

Request headers

Origin: https://secure.ngpvan.com
Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:19:28 GMT
content-encoding: gzip
age: 14083
x-cache: Hit from cloudfront
content-length: 236656
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 15:03:50 GMT
server: AmazonS3
etag: "742e6af5c335c0799f82ccb8791f4e13"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: rTNfZteIPnkl7inOFnDNwWFIMgAeuz8IOmOfMYl1wIfy8ZSbthas_w==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 69ms
19ms Stylesheet
text/css 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2aa7ee31b0ae288fe00108c6b594bcef04278507b10ec45a721adaf2b0aa8505

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:55:43 GMT
content-encoding: gzip
age: 69336
x-cache: Hit from cloudfront
content-length: 20616
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 15:03:50 GMT
server: AmazonS3
etag: "65477bdcdcd8a4c674450327ce80f274"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: VW6dqqoE_W2lF2hO8TK2NardqyQ2Yw9ezJFgM60zdcchzmJDCl-W4w==

GET
H2 200 uct5oqo.css
use.typekit.net/ 14 KB
2 KB 175ms
163ms Stylesheet
text/css 2a02:26f0:6c00::210:ba3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uct5oqo.css

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d56b1248ba3658f271a72ddd36e27d7858457fd5745e1c3746375b669c0c3414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 17 Apr 2021 20:14:05 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1411

GET
H/1.1 200
OK script-error Show response
secure.ngpvan.com/js/ 246 B
538 B 25ms
25ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: secure.ngpvan.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self
Connection: keep-alive
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 20:14:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 06:12:09 GMT
X-CDN: Imperva
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 12-359643331-0 0CNN RT(1618690443507 475) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=31226286, public
Content-Length: 174
Expires: Thu, 14 Apr 2022 06:12:09 GMT

GET
H/1.1 200
OK bfa-logo-ngpvan.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP22/1/73762/images/ 5 KB
5 KB 469ms
162ms Image
image/png 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP22/1/73762/images/bfa-logo-ngpvan.png
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 82752d3eb0732adedc9cdcf517ecf99ef28973e35f1a5d4fb73ada059f960802

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 17 Apr 2021 20:14:05 GMT
Last-Modified: Wed, 17 Jul 2019 20:53:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D70AF8D0B51EDE
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 022258a3-801e-0122-01c6-33399b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 4949

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 135ms
30ms Script
application/javascript 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Origin: https://secure.ngpvan.com
Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding: gzip
ETag: W/"f3cecf4193fb217244937c56bee4b1b6"
Age: 133637
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:03:51 GMT
Server: AmazonS3
Date: Fri, 16 Apr 2021 20:17:06 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: FOlMiy8U0fgJQu8Bf-h7Xl7-iLwcRX2oYZgGt_7o1v05gEkGedvJbQ==

GET
H/1.1 200
OK _Incapsula_Resource Show response
secure.ngpvan.com/ 121 KB
17 KB 29ms
29ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=879077968
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9ed59a79db2ef0b4f9b88f72eb78c5566daf19b1577f7a6964b1837b0ac591e1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: secure.ngpvan.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self
Connection: keep-alive
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 17538
Content-Type: application/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 20ms
7ms Stylesheet
text/css 2a02:26f0:1700:68a::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uct5oqo&ht=tk&f=4455.4616.5018.5045.25326.25327.36601.36602.36603.36604.36607.36608.36617.36618.36623.36624.36633.36634.36639.36640&a=454898&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:68a::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
last-modified: Wed, 02 Sep 2020 04:05:58 GMT
server: nginx
etag: "5f4f1a26-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
38 KB 38ms
19ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4d3b9210382b816abc1445d605f74fc3a09fceebbe6c357e5745f8b192457ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38689
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Apr 2021 20:14:05 GMT

GET
H2 200 l
use.typekit.net/af/359d41/00000000000000003b9b0eea/27/ 36 KB
36 KB 21ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/359d41/00000000000000003b9b0eea/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 59c6a30bdc96ca4359841d35f675fb2b752432749d49f463b9324a34c4db5bdf

Request headers

Origin: https://secure.ngpvan.com
Referer: https://use.typekit.net/uct5oqo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
server: nginx
etag: "2d0a530caf015fc6f3e73559ee975f836e479656"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36920

GET
H2 200 l
use.typekit.net/af/3bd84d/00000000000000003b9b0ee4/27/ 36 KB
36 KB 22ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3bd84d/00000000000000003b9b0ee4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c8fe0e0eb99aaed1e886a2c942bd56ee4f8ae929f9d4bd9c695dc05c28837ccc

Request headers

Origin: https://secure.ngpvan.com
Referer: https://use.typekit.net/uct5oqo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
server: nginx
etag: "b277cd7c7bafa67136120009a2a8960d95cb675f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36668

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 117 KB
38 KB 30ms
9ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5B) /
Resource Hash: 452738d27c3d427f83805f29a3ea0766761dc96fe0ea8f945e21ca67ace805ab

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Apr 2021 20:14:05 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: o5N/xOXHlfS1k41blJGwlA==
age: 1229
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.6.1.min.js
content-length: 38154
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 20:21:05 GMT
server: ECAcc (frc/8F5B)
x-ms-meta-aijssdkver: 2.6.1
etag: 0x8D8F3B958AE018D
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6ddff5de-f01e-001c-09c3-33ba15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19
expires: Sat, 17 Apr 2021 20:44:05 GMT

GET
H/1.1 200
OK _Incapsula_Resource
secure.ngpvan.com/ 1 B
123 B 27ms
26ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.41752912431779365
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: secure.ngpvan.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ___utmvc=eaCEcPJ02CIA9y1n1MNF98YAWdnFjPdygjt8SR8o99Eqff+wxS5VQQ+LNzyoybbAKIxFOxv01FLb0Ysdyrj6o8RAZfm6yBe/EUIGpvLhybbHL52VBtT1PsUamAIbM9vzSF1/fZWQZIYncQZR4ATAihJFXEVThmr8u+q6HFOpD3aOb8zTcEm66vjNhaJ3McMJ3VamiWgt8erEdcQiluO5Eqk0ZTDCAR//6bKPzaR8xkDerSSBrSP/lO9gw5vfEhtpKpbjgh25ib6ZUd80WRzXDVMaae9IScNodm+7XkNLNj/cl0PrZTc6qQfGYiJXPlFHiTQgaay1tAQBvRfmLlnvKEs0qejs4hPQqqJJxSqMKN8XdBzl8RL7PeN83zNqfSZLCcDl14rI7VM7xOsBDQ0Jnxnn9VauywwCzbsHtrJOkok4uVyTc/kZpZ5T4OYDHyMjgFNzVmST7bXUlJBHvgZMhC9on8whk5VHnTnMCT+f6Qz7pJefs9zfgCD7+kNBqe7BoAWhawIKkh2XsMoXkwor94i1yOyqW9RkWzPSUAeLvr4kDmGKkRzb/Jtiz8I/ldXddoyhc6hn9I9jy8xWvNNkuPBm+G56yHrEZ5ZmKZVhVwjUXkDOvDiG2Bo9TrwwS5S16JGWJ2g9WszV2IpLWO181kGKOL+72GPs2gUHU00nFrd3R48BuJwQRP/Zg20xLYg24/uBRMv+7o67GE46U24uMuZOqwklKRluH2SQuoy9Sq/VMPFVQX6JX0EeRD6x1d7Lkh2vlHEi/fI3kF+41ZpalKbwj+C2KrYgYhzK8J80v0IS8FDOH4TX0/XoYmCpk4HUGcGzToNWWzt0M7C4ZwEQbFsMgI3Ob4A6silZrrsKYJYpX5BZ8VoCOOn0TwEpUt0kgeFcvzCE6VSMG0rjxUBUBjfWZiKkE2n4tY2fBtF+C1wN7zrhJf21FIc+nW+wL5KfD6OoqsxJnhmGZnLxhUyCFuuowa4MYuONsqsLiytgGhD08zipHnq9spPjN4pFvdMp09TY3/1LdKRwsn67M7Hl5AQ+dzxjZaMIc+GMSjpvZI0M8ULB3zmjzLq9btQXwPovzudxRORi6iQP+mTs8IHQAGcbtO2GcvTSb4/x/8pnKOVgMU+eKaF6lV2RUMH3mL9yf+Qs+M610sqDnlVgS1/7YuTgaqyikiZFues42sZh4m8SeAU5YCwfqVURKaw4TNDbKEjLQTxXj11megXcIQafTc2MX+6CYiqJTgWaSLiVWG+IkUEfhf6KRpqKXXjV0g8l0WZ0rItw4TBQY0QRZrjlyV2ftrzkIOko0zGRMVZrCGVxovxBphkr8v5UDZbOvKanPOmNT2U8EgnmWOXbSuA+DTurEGWn3Np4lf37yUlRiz7gBGRL/GNkzurU7IfG1j9jjAQr5sBtpHXrwI45CePfWMcFbzNcWAW6L2lU9MirQBKDViwrKUeHcC5Uno7oZdAPd6o/uKEFHwsz0bZsphz4Mqnr9hVdCC6ULksqQ8NpO8ZFTh7/W9CZW17hTCd+7lzZZu3m4hnZTnDcv6r4JnEuH9Wj/nhGMqSRhjrGW6eswWv+hBE1PR5bJxt5ovyOsFOtit5ju51IglE+p9iFe7yD1Bi1MMrRlnS4ThRXXWQDt5TDBY82xvHjnNNfLi/tMD4cYcBVY26uAoApMx4mAIJxslrM+tsRMeeKzEiKu8mb37IZwwe6kvbZ91SfH+8P/nfxhRUbFIy98ZtUuqZ8/r3cwcImsYSxzxgOiPQ2f73qW0V63A+lhSM6hc86wiRFLaZ27raXf/bhx5pGwhKzPsAk2XxrcxeQqm1kvbrMGwKltxpknIrkgVjlh46I2DiNXZKnyVjXxYdpny8y3USMk+qtiN6LCrzvTlVbN4cAs7JekPbKUalqYUOhvdKwSNZoIX247WewFDdxLuua4vWKOsia4tf82sWDepgb6jRr8l93gMZPG5C2KJZptWyqrGfPqARgAf2BHOun5LJ2TKIuGvOpT3IPuKpZLH5w0x0I4hAoj3YxgDfLKk5MpAj170oT2cjiLGRpZ2VzdD0xNDAxODYscz02M2E0N2Y3MzllYTVhOTY3NjQ3NDg5YTA4NjY1NzhhOWFjN2RhMTlmOTI5ZjkwNmE3ZTk2OTE2YTg1YTA4N2FlODhhYjZiNjY3YjliNmQ2ZQ==
Connection: keep-alive
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 335ms
257ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

e5ea29f4f5e03c400ba5f4a342f1bf1f2bc5e4c34f7b5d7be5008fe8eb525e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 10-266171161-266171162 2NNN RT(1618690444461 0) q(0 0 0 0) r(2 2)
x-cdn: Imperva
content-type: text/javascript; charset=utf-8
content-length: 190
etag: W/"48-TYIdzw/9E5HsBXtQ6FWjl+dgj9c"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
36 KB 33ms
19ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f04a808d58daa30b9d17e72d31baa4ceb4be3f9a3b13f7d23f202c1aacc98c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36382
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Apr 2021 20:14:05 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 92 KB
16 KB 21ms
20ms Stylesheet
text/css 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf59326a4d95e837dd9e10a0e55474d6c3de3c82ad092a057f6eed1f190502cc

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:19:28 GMT
content-encoding: gzip
age: 71418
x-cache: Hit from cloudfront
content-length: 15885
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 15:03:50 GMT
server: AmazonS3
etag: "805d21f0cf3743a20359c333a7dfffbf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: wR7TiBosirer5XOAZs_1Ambs_O-jXNxmtkp04A7KsWwECqNeUudMFw==

GET
H/1.1 200
OK Cookie set OC1wKu5tn0O90-kiea46kg2 Show response
secure.ngpvan.com/v1/Forms/ 19 KB
7 KB 157ms
157ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/OC1wKu5tn0O90-kiea46kg2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ffecb926894dabfee9536fd1f61cff12d1ce2470cf3e285bb2a9c6453298e2b2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Accept-Encoding: gzip, deflate, br
traceparent: 00-c54fc36c4c3f430686068b4b85b3749b-aa4fbdc8ee6f4781-01
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ___utmvc=eaCEcPJ02CIA9y1n1MNF98YAWdnFjPdygjt8SR8o99Eqff+wxS5VQQ+LNzyoybbAKIxFOxv01FLb0Ysdyrj6o8RAZfm6yBe/EUIGpvLhybbHL52VBtT1PsUamAIbM9vzSF1/fZWQZIYncQZR4ATAihJFXEVThmr8u+q6HFOpD3aOb8zTcEm66vjNhaJ3McMJ3VamiWgt8erEdcQiluO5Eqk0ZTDCAR//6bKPzaR8xkDerSSBrSP/lO9gw5vfEhtpKpbjgh25ib6ZUd80WRzXDVMaae9IScNodm+7XkNLNj/cl0PrZTc6qQfGYiJXPlFHiTQgaay1tAQBvRfmLlnvKEs0qejs4hPQqqJJxSqMKN8XdBzl8RL7PeN83zNqfSZLCcDl14rI7VM7xOsBDQ0Jnxnn9VauywwCzbsHtrJOkok4uVyTc/kZpZ5T4OYDHyMjgFNzVmST7bXUlJBHvgZMhC9on8whk5VHnTnMCT+f6Qz7pJefs9zfgCD7+kNBqe7BoAWhawIKkh2XsMoXkwor94i1yOyqW9RkWzPSUAeLvr4kDmGKkRzb/Jtiz8I/ldXddoyhc6hn9I9jy8xWvNNkuPBm+G56yHrEZ5ZmKZVhVwjUXkDOvDiG2Bo9TrwwS5S16JGWJ2g9WszV2IpLWO181kGKOL+72GPs2gUHU00nFrd3R48BuJwQRP/Zg20xLYg24/uBRMv+7o67GE46U24uMuZOqwklKRluH2SQuoy9Sq/VMPFVQX6JX0EeRD6x1d7Lkh2vlHEi/fI3kF+41ZpalKbwj+C2KrYgYhzK8J80v0IS8FDOH4TX0/XoYmCpk4HUGcGzToNWWzt0M7C4ZwEQbFsMgI3Ob4A6silZrrsKYJYpX5BZ8VoCOOn0TwEpUt0kgeFcvzCE6VSMG0rjxUBUBjfWZiKkE2n4tY2fBtF+C1wN7zrhJf21FIc+nW+wL5KfD6OoqsxJnhmGZnLxhUyCFuuowa4MYuONsqsLiytgGhD08zipHnq9spPjN4pFvdMp09TY3/1LdKRwsn67M7Hl5AQ+dzxjZaMIc+GMSjpvZI0M8ULB3zmjzLq9btQXwPovzudxRORi6iQP+mTs8IHQAGcbtO2GcvTSb4/x/8pnKOVgMU+eKaF6lV2RUMH3mL9yf+Qs+M610sqDnlVgS1/7YuTgaqyikiZFues42sZh4m8SeAU5YCwfqVURKaw4TNDbKEjLQTxXj11megXcIQafTc2MX+6CYiqJTgWaSLiVWG+IkUEfhf6KRpqKXXjV0g8l0WZ0rItw4TBQY0QRZrjlyV2ftrzkIOko0zGRMVZrCGVxovxBphkr8v5UDZbOvKanPOmNT2U8EgnmWOXbSuA+DTurEGWn3Np4lf37yUlRiz7gBGRL/GNkzurU7IfG1j9jjAQr5sBtpHXrwI45CePfWMcFbzNcWAW6L2lU9MirQBKDViwrKUeHcC5Uno7oZdAPd6o/uKEFHwsz0bZsphz4Mqnr9hVdCC6ULksqQ8NpO8ZFTh7/W9CZW17hTCd+7lzZZu3m4hnZTnDcv6r4JnEuH9Wj/nhGMqSRhjrGW6eswWv+hBE1PR5bJxt5ovyOsFOtit5ju51IglE+p9iFe7yD1Bi1MMrRlnS4ThRXXWQDt5TDBY82xvHjnNNfLi/tMD4cYcBVY26uAoApMx4mAIJxslrM+tsRMeeKzEiKu8mb37IZwwe6kvbZ91SfH+8P/nfxhRUbFIy98ZtUuqZ8/r3cwcImsYSxzxgOiPQ2f73qW0V63A+lhSM6hc86wiRFLaZ27raXf/bhx5pGwhKzPsAk2XxrcxeQqm1kvbrMGwKltxpknIrkgVjlh46I2DiNXZKnyVjXxYdpny8y3USMk+qtiN6LCrzvTlVbN4cAs7JekPbKUalqYUOhvdKwSNZoIX247WewFDdxLuua4vWKOsia4tf82sWDepgb6jRr8l93gMZPG5C2KJZptWyqrGfPqARgAf2BHOun5LJ2TKIuGvOpT3IPuKpZLH5w0x0I4hAoj3YxgDfLKk5MpAj170oT2cjiLGRpZ2VzdD0xNDAxODYscz02M2E0N2Y3MzllYTVhOTY3NjQ3NDg5YTA4NjY1NzhhOWFjN2RhMTlmOTI5ZjkwNmE3ZTk2OTE2YTg1YTA4N2FlODhhYjZiNjY3YjliNmQ2ZQ==
Connection: keep-alive
Request-Id: |c54fc36c4c3f430686068b4b85b3749b.aa4fbdc8ee6f4781
Pragma: no-cache
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
X-Requested-With: XMLHttpRequest
traceparent: 00-c54fc36c4c3f430686068b4b85b3749b-aa4fbdc8ee6f4781-01
Request-Id: |c54fc36c4c3f430686068b4b85b3749b.aa4fbdc8ee6f4781
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-359643331-359643339 SNNN RT(1618690443507 911) q(0 0 0 -1) r(1 1) U2
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Sat, 17 Apr 2021 20:14:05 GMT
Date: Sat, 17 Apr 2021 20:14:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
ETag: "e081e7a5-c937-429c-8a0b-2592326e61bd"
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Sun, 28 Mar 2021 03:31:54 GMT ; Secure; SameSite=None; SameSite=None; Secure
Expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1063
date: Sat, 17 Apr 2021 19:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 17 Apr 2021 21:56:22 GMT

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 463ms
437ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1618690445499=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

37ef272b0a57c3a8c07f26a17ed50dea0efe7b92088fd1c915c27697285c9ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 vegur
x-content-type-options: nosniff
server: Cowboy
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 10-266171197-266171198 NNYN CT(76 173 0) RT(1618690444612 0) q(0 0 2 0) r(4 4) U18
cache-control: max-age=0
date: Sat, 17 Apr 2021 20:14:05 GMT
etag: W/"ba-jUUTU7k3AB6ofknF/Y2zAYOywqo"
content-type: text/javascript; charset=utf-8
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 30ms
30ms Font
application/font-woff2 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Origin: https://secure.ngpvan.com
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:37:56 GMT
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
age: 2296
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: IkWQ9kXFcYg7tcTP4NhuVjhPVDNglieShEOGV8ZtboZVSspuHl8e3g==

GET
H2 200 l
use.typekit.net/af/e69b71/00000000000000003b9b0ee6/27/ 36 KB
36 KB 6ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e69b71/00000000000000003b9b0ee6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b319f28c8906276368c953984303f7769aaa9c4a1f4880b39a07992536ba7a29

Request headers

Origin: https://secure.ngpvan.com
Referer: https://use.typekit.net/uct5oqo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
server: nginx
etag: "b24ceaf907bd43dca3139d51fc7f8f6f1c1d4f33"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 36620

GET
H2 200 l
use.typekit.net/af/cf8ade/000000000000000000017201/27/ 11 KB
11 KB 20ms
20ms Font
application/font-woff2 2a02:26f0:6c00::210:ba3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cf8ade/000000000000000000017201/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uct5oqo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 514c7781614237bd5a047e9f22f5bde4e265e4fc440ae89bea4120115c68d4aa

Request headers

Origin: https://secure.ngpvan.com
Referer: https://use.typekit.net/uct5oqo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:05 GMT
server: nginx
etag: "b31b687b5da8dee7082af4f5346b0bf1266c4705"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11220

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 229 KB
52 KB 16ms
16ms Script
application/javascript 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 01:56:59 GMT
content-encoding: gzip
age: 5768227
x-cache: Hit from cloudfront
content-length: 52457
access-control-allow-origin: *
last-modified: Thu, 03 Oct 2019 17:12:46 GMT
server: AmazonS3
etag: "0e171f16b707862d9a5a9168f0edc967"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 5Hgflw-XBZZEj9NDWXHmt5JJcSQcG2ebD18HGTnp4Dqmx7t05UT-2Q==

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 20 KB
20 KB 17ms
16ms Image
image/png 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 01:52:41 GMT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
age: 3349285
x-cache: Hit from cloudfront
content-length: 20389
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: hYr35s0wLLfYXOX6YFkabnqOMRlKnEz5fc5U8kIjNAklKJL_Tb12rw==

GET
H/1.1 200
OK Cookie set OC1wKu5tn0O90-kiea46kg2
secure.ngpvan.com/v1/Track/ 0
628 B 127ms
127ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/OC1wKu5tn0O90-kiea46kg2?formSessionId=1809b1c3-9222-413e-8764-b6c1f6cecbda

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: secure.ngpvan.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ai_session=YvnBok4UHB3npKbKIUmuyJ|1618690445393|1618690445393
Connection: keep-alive
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Date: Sat, 17 Apr 2021 20:14:04 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 12-359643331-359643339 SNNN RT(1618690443507 1159) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie: ; Secure; SameSite=None; SameSite=None; Secure
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/ 9 KB
9 KB 15ms
15ms Image
image/svg+xml 2600:9000:2104:2800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:03:52 GMT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
age: 83414
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Wed, 08 Jan 2020 18:06:45 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: oZCki-4tKcmm14zZsyOhVsEKG8nICFtOD0bEQRxKJUqYv9cqa3w5qg==

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame F3A9 364 B
910 B 91ms
29ms Document
text/html 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.ngpvan.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://secure.ngpvan.com/

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
Date: Sat, 17 Apr 2021 16:55:01 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache: Hit from cloudfront
Via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: UqaqskBtR0GvBJYJu2Aabv4DXnZKLK36WypiIwyi1ciYRrVzpEhY-A==
Age: 67736

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame 622E 364 B
910 B 90ms
29ms Document
text/html 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.ngpvan.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://secure.ngpvan.com/

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
Date: Sat, 17 Apr 2021 16:55:01 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache: Hit from cloudfront
Via: 1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: 3Yctvo1zgzvGxQaR9aWVlg6PBb5gYwg6jo4NrtotCddH2v8YT85_ww==
Age: 67736

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=165&_u=YEBAAEABAAAAAC~&jid=365352876&gjid=388532689&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&_r=1&gtm=2wg4725L2FSL&z=389668125

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 20:14:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.ngpvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1782580567&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EventForm&ea=Form%20Load&el=Minimal&ev=16&_u=YEDAAEABAAAAAC~&jid=1861763817&gjid=657439259&cid=1755574894.1618690446&tid=UA-28243511-20&_gid=690850052.1618690446&_r=1&gtm=2wg4725L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP22%2F1%2F73762&cd4=1004054&cd5=092319BOCHI&cd6=OC1wKu5tn0O90-kiea46kg2&z=328663614

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 20:14:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.ngpvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-28243511-20&cid=1755574894.1618690446&jid=1024495874&gjid=1225376666&_gid=690850052.1618690446&_u=YGDAgEABAAAAAG~&z=1465148742

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Apr 2021 20:14:05 GMT
content-type: text/plain
access-control-allow-origin: https://secure.ngpvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=1024495874&gjid=1225376666&cid=1755574894.1618690446&tid=UA-28243511-20&_gid=690850052.1618690446&gtm=2wg4725L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP22%2F1%2F73762&cd4=1004054&cd5=092319BOCHI&cd6=OC1wKu5tn0O90-kiea46kg2&z=1415887527

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=9&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=1610559512

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=65&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=1797279859

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=4&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=537240269

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=246&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=308629233

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1782580567&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FOC1wKu5tn0O90-kiea46kg2&ul=en-us&de=UTF-8&dt=Join%20us%20for%20an%20evening%20with%20Beto%20O%27Rourke%20%7C%20Beto%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=275&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1755574894.1618690446&tid=UA-28243511-22&_gid=690850052.1618690446&gtm=2wg4725L2FSL&z=764292138

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 10:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/7nz6idAD5C0ojLLaoiczAOQt/ 2 B
943 B 548ms
500ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/7nz6idAD5C0ojLLaoiczAOQt/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 20:14:06 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.ngpvan.com
x-iinfo: 12-359643660-359643668 NNNN CT(0 0 2) RT(1618690445019 0) q(0 0 4 24) r(4 4) U12
access-control-allow-credentials: true
content-length: 123
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-28243511-20&cid=1755574894.1618690446&jid=1861763817&gjid=657439259&_gid=690850052.1618690446&_u=YEDAAEABAAAAAC~&z=88050586

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Apr 2021 20:14:05 GMT
content-type: text/plain
access-control-allow-origin: https://secure.ngpvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.css
js.verygoodvault.com/vgs-collect/1/lib/ Frame 622E 74 KB
30 KB 30ms
30ms Stylesheet
text/css 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.css
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cCbufO_ebum5aJCKWyZMP79Y8Ljox1pp
Content-Encoding: gzip
ETag: W/"82263942809c4598900333534c8d15f9"
Age: 110038
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Sat, 17 Apr 2021 05:56:07 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: PrsXOUxCOWKPIluZxY9Qpy80dWWuiSfrXb5D9HTDUWaD1sAV0AnuDA==

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.js Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame 622E 285 KB
88 KB 30ms
29ms Script
application/javascript 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId170058645842181841434&formId=randomId1707971127273293097&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: u5eKO1e1oOiq8Z45mqgA.YXfbeZi8_AD
Content-Encoding: gzip
ETag: W/"cc5465b1fe8ef0d6a02482a43c893d62"
Age: 55352
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Sat, 17 Apr 2021 18:12:52 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: imyXrlP4Xpw-RDkF9XgEkQBj-2Ioh9Qa6OJ4C2z69mjKn-LI45SgmA==

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.css
js.verygoodvault.com/vgs-collect/1/lib/ Frame F3A9 74 KB
30 KB 75ms
38ms Stylesheet
text/css 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.css
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cCbufO_ebum5aJCKWyZMP79Y8Ljox1pp
Content-Encoding: gzip
ETag: W/"82263942809c4598900333534c8d15f9"
Age: 110038
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Sat, 17 Apr 2021 05:56:07 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: LvZ5zKPYkh4dmyGN-wvPKGULiCkDBvClgUBVkpvGb1FRWK92dkCUuw==

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.js Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame F3A9 285 KB
88 KB 89ms
30ms Script
application/javascript 143.204.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-59.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId17021910600504038324&formId=randomId1707971127273293097&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: u5eKO1e1oOiq8Z45mqgA.YXfbeZi8_AD
Content-Encoding: gzip
ETag: W/"cc5465b1fe8ef0d6a02482a43c893d62"
Age: 55352
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Sat, 17 Apr 2021 18:12:52 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: EQkzoQfU23DP4bNQzpvEHk_vnjdwXmXQkJjghhPCD7S3oOEOYf6QRQ==

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 622E 0
156 B 311ms
97ms XHR
text/plain 18.232.239.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.239.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-239-219.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Sat, 17 Apr 2021 20:14:06 GMT
vary: Origin
x-powered-by: Express
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame F3A9 0
157 B 262ms
97ms XHR
text/plain 18.232.239.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.239.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-239-219.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Sat, 17 Apr 2021 20:14:06 GMT
vary: Origin
x-powered-by: Express
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 42ms
13ms Preflight 51.107.59.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://secure.ngpvan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sat, 17 Apr 2021 20:14:06 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
237 B 941ms
941ms XHR
application/json 51.107.59.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: D2C4843F-232F-4D05-A0E3-812A4BEEA112
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sat, 17 Apr 2021 20:14:07 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 98

GET
H/1.1 204
No Content 7nz6idAD5C0ojLLaoiczAOQt Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 427ms
360ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/7nz6idAD5C0ojLLaoiczAOQt

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.ngpvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Sat, 17 Apr 2021 20:14:06 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.ngpvan.com
X-Iinfo: 12-359643745-359643753 NNNN CT(78 152 0) RT(1618690445565 38) q(0 0 2 4) r(3 3) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content Cookie set 7nz6idAD5C0ojLLaoiczAOQt Show response
secure.ngpvan.com/Databag/Profile/ 0
726 B 116ms
116ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/7nz6idAD5C0ojLLaoiczAOQt

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: secure.ngpvan.com
traceparent: 00-c54fc36c4c3f430686068b4b85b3749b-d403afa2b84f4029-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept-Language: en-US
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
Cookie: visid_incap_1002065=ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3; nlbi_1002065=VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M; incap_ses_9153_1002065=4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==; TiPMix=63.0739226765344; x-ms-routing-name=self; ai_user=w1ZBWWhWbsiThmq3ufdrMa|2021-04-17T20:14:05.180Z; ai_session=YvnBok4UHB3npKbKIUmuyJ|1618690445393|1618690445393; visid_incap_2233503=e6R+rOPrRFCnRGWJwcXjQ4xBe2AAAAAAQUIPAAAAAABU5m86t3rLuzvFcGTYFu16; incap_ses_9153_2233503=xA+DPqIFsEfakpJmJP0Ff4xBe2AAAAAApp9113hrR2+zcstbgB2wHw==; nlbi_2233503=FuQJT15kTmc0vS2HvIV21QAAAAATBffKHi4ZDl1Sy5Ta62FK; _ga=GA1.2.1755574894.1618690446; _gid=GA1.2.690850052.1618690446; _gat_UA-28243511-22=1; _gat_UA-28243511-20=1; _dc_gtm_UA-28243511-20=1; visid_incap_972453=vW2QdghlRC6CfWvWAR8G04xBe2AAAAAAQUIPAAAAAACGXvZgznXJLsIg4w+wsUoy; nlbi_972453=bgcuE6hyxF0IyyhgMvukzwAAAAD3jPa2y10btrNDcEVZ9cPU; incap_ses_9153_972453=09IeS+6HYzoGk5JmJP0Ff41Be2AAAAAAVzLT4rRvFYaTFqjPP36gXQ==
Connection: keep-alive
Request-Id: |c54fc36c4c3f430686068b4b85b3749b.d403afa2b84f4029
Accept: */*
Referer: https://secure.ngpvan.com/OC1wKu5tn0O90-kiea46kg2
traceparent: 00-c54fc36c4c3f430686068b4b85b3749b-d403afa2b84f4029-01
Request-Id: |c54fc36c4c3f430686068b4b85b3749b.d403afa2b84f4029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Sat, 17 Apr 2021 20:14:05 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 12-359643331-359643339 SNNN RT(1618690443507 2017) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie: ProfileDatabagId=7nz6idAD5C0ojLLaoiczAOQt; domain=.ngpvan.com; expires=Thu, 17-Apr-2031 20:14:06 GMT; path=/; Secure; SameSite=None; SameSite=None; Secure
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngpvan.com/	1970-01-19 17:38:10	Name: _gat_UA-28243511-22 Value: 1
.ngpvan.com/	1970-01-19 17:39:36	Name: _gid Value: GA1.2.690850052.1618690446
.ngpvan.com/	1970-01-20 11:09:22	Name: _ga Value: GA1.2.1755574894.1618690446
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_972453 Value: bgcuE6hyxF0IyyhgMvukzwAAAAD3jPa2y10btrNDcEVZ9cPU
.ngpvan.com/	1970-01-20 02:22:46	Name: visid_incap_2233503 Value: e6R+rOPrRFCnRGWJwcXjQ4xBe2AAAAAAQUIPAAAAAABU5m86t3rLuzvFcGTYFu16
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_2233503 Value: FuQJT15kTmc0vS2HvIV21QAAAAATBffKHi4ZDl1Sy5Ta62FK
.ngpvan.com/	1970-01-19 17:38:10	Name: _dc_gtm_UA-28243511-20 Value: 1
secure.ngpvan.com/	1970-01-19 17:38:12	Name: ai_session Value: YvnBok4UHB3npKbKIUmuyJ\|1618690445393\|1618690445393
.ngpvan.com/	1970-01-19 17:38:10	Name: _gat_UA-28243511-20 Value: 1
secure.ngpvan.com/	1970-01-20 02:23:46	Name: ai_user Value: w1ZBWWhWbsiThmq3ufdrMa\|2021-04-17T20:14:05.180Z
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_9153_1002065 Value: 4SAiFf1fowC+kZJmJP0Ff4tBe2AAAAAAJH0cGwwL2QE6q7aZtEpyRA==
.secure.ngpvan.com/	1970-01-19 17:38:14	Name: TiPMix Value: 63.0739226765344
.ngpvan.com/	1970-01-20 02:22:46	Name: visid_incap_972453 Value: vW2QdghlRC6CfWvWAR8G04xBe2AAAAAAQUIPAAAAAACGXvZgznXJLsIg4w+wsUoy
.secure.ngpvan.com/	1970-01-19 17:38:14	Name: x-ms-routing-name Value: self
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_9153_2233503 Value: xA+DPqIFsEfakpJmJP0Ff4xBe2AAAAAApp9113hrR2+zcstbgB2wHw==
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_9153_972453 Value: 09IeS+6HYzoGk5JmJP0Ff41Be2AAAAAAVzLT4rRvFYaTFqjPP36gXQ==
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: VLU3EKWtuBSdUd+gfhzfAAAAAADiNi6syyzzIjnQK++JYa9M
.ngpvan.com/	1970-01-20 02:22:47	Name: visid_incap_1002065 Value: ULCCCwyhQFme7YmXeYh1/ItBe2AAAAAAQUIPAAAAAACtnq2zwf6AaoJl4m/jAhA3

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading: 165.023193359375 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing: 8.382080078125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render: 64.008056640625 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill: 3.96728515625 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form: 245.44580078125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 274.775146484375 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
p.typekit.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
use.typekit.net
vgs-collect-keeper.apps.verygood.systems
www.google-analytics.com
www.googletagmanager.com
143.204.245.59
18.232.239.219
2600:9000:2104:2800:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:400c:c0d::9b
2a02:26f0:1700:68a::19fd
2a02:26f0:6c00::210:ba3b
45.60.33.183
51.107.59.180
52.239.157.138
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6
2aa7ee31b0ae288fe00108c6b594bcef04278507b10ec45a721adaf2b0aa8505
37ef272b0a57c3a8c07f26a17ed50dea0efe7b92088fd1c915c27697285c9ded
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452738d27c3d427f83805f29a3ea0766761dc96fe0ea8f945e21ca67ace805ab
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
4a265f576c545ebfe2fc1f094863ef2428c8cc8828f9f485f968cb2a30e23f66
514c7781614237bd5a047e9f22f5bde4e265e4fc440ae89bea4120115c68d4aa
59c6a30bdc96ca4359841d35f675fb2b752432749d49f463b9324a34c4db5bdf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
82752d3eb0732adedc9cdcf517ecf99ef28973e35f1a5d4fb73ada059f960802
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
9ed59a79db2ef0b4f9b88f72eb78c5566daf19b1577f7a6964b1837b0ac591e1
b319f28c8906276368c953984303f7769aaa9c4a1f4880b39a07992536ba7a29
b4d3b9210382b816abc1445d605f74fc3a09fceebbe6c357e5745f8b192457ea
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
c8a28de79420d240b67e5b0e5c878c62ffdd15cc5297492ff61a448622c0507b
c8fe0e0eb99aaed1e886a2c942bd56ee4f8ae929f9d4bd9c695dc05c28837ccc
cf59326a4d95e837dd9e10a0e55474d6c3de3c82ad092a057f6eed1f190502cc
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d56b1248ba3658f271a72ddd36e27d7858457fd5745e1c3746375b669c0c3414
d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea29f4f5e03c400ba5f4a342f1bf1f2bc5e4c34f7b5d7be5008fe8eb525e15
f04a808d58daa30b9d17e72d31baa4ceb4be3f9a3b13f7d23f202c1aacc98c7f
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc
ffecb926894dabfee9536fd1f61cff12d1ce2470cf3e285bb2a9c6453298e2b2

secure.ngpvan.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

50 Requests

100 %HTTPS

58 %IPv6

12 Domains

15 Subdomains

13 IPs

4 Countries

1003 kBTransfer

2835 kBSize

18 Cookies

7 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.ngpvan.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1003 kB
Transfer

2835 kB
Size

18
Cookies

50 HTTP transactions
2 data transactions