URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Submission: On October 01 via manual from IN — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com. The Cisco Umbrella rank of the primary domain is 236540.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on November 7th 2023. Valid for: a year.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 45.60.33.183 19551 (INCAPSULA)
5 2600:9000:249... 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 20.209.68.129 8075 (MICROSOFT...)
1 18.66.192.68 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:2800:133... 15133 (EDGECAST)
2 20.50.88.242 8075 (MICROSOFT...)
22 8
Apex Domain
Subdomains
Transfer
8 ngpvan.com
secure.ngpvan.com — Cisco Umbrella Rank: 236540
fastaction.ngpvan.com — Cisco Umbrella Rank: 110303
41 KB
5 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 68282
276 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 515
p.typekit.net — Cisco Umbrella Rank: 683
68 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 788
200 B
2 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 97185
311 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3516
47 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 30814
44 KB
22 7
Domain Requested by
7 secure.ngpvan.com 1 redirects secure.ngpvan.com
static.everyaction.com
5 static.everyaction.com secure.ngpvan.com
static.everyaction.com
3 use.typekit.net secure.ngpvan.com
use.typekit.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 nvlupin.blob.core.windows.net secure.ngpvan.com
1 fastaction.ngpvan.com static.everyaction.com
1 az416426.vo.msecnd.net secure.ngpvan.com
1 p.typekit.net use.typekit.net
1 js.verygoodvault.com secure.ngpvan.com
22 9

This site contains links to these domains.

Domain
fastaction.ngpvan.com
Subject | Issuer | Validity | Valid
*.ngpvan.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-11-07 - 2024-11-06 | a year
static.everyaction.com | Amazon RSA 2048 M03 | 2024-04-08 - 2025-05-07 | a year
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-27 - 2025-09-27 | a year
*.blob.core.windows.net | Microsoft Azure RSA TLS Issuing CA 08 | 2024-03-27 - 2025-03-22 | a year
*.verygoodvault.com | Amazon RSA 2048 M02 | 2023-12-19 - 2025-01-16 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2024-06-06 - 2025-06-06 | a year
prod.ai.ingestion.msftcloudes.com | Microsoft Azure RSA TLS Issuing CA 08 | 2024-09-08 - 2025-09-03 | a year

This page contains 1 frames:

Primary Page: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Frame ID: 9898F8A1FFC268F79E73AA9261C3F02C
Requests: 21 HTTP requests in this frame

Page Title

Email Preferences

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

22
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

787 kB
Transfer

1734 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://secure.ngpvan.com/favicon.ico HTTP 301
  • https://secure.ngpvan.com/Content/images/favicon.ico

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request J9Dc25pEuEilBkYRyyOYLQ2
secure.ngpvan.com/
8 KB
3 KB
Document
General
Full URL
https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fb5b6d6c34cea4c3fddba11560e161e28a14bd9e9df1faf08e8deb9f80673d8e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 02:06:21 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
4-73516857-73516868 NNNN CT(87 175 0) RT(1727748381391 27) q(0 0 2 0) r(3 3) U18
x-xss-protection
1; mode=block
at.js
static.everyaction.com/ea-actiontag/
835 KB
241 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e8a1f67acae64fc684bb86352bd299bead015c7a97bf527244f7a79b2b71f79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.ngpvan.com
Referer
https://secure.ngpvan.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"867f29f2d1a82d05493f65c1fe990970"
age
77373
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
e5goNK_3B4IgDMt7E4x0ldCCVqecHw9oZi_nSSl_Ca7bw01HzQRmOg==
date
Mon, 30 Sep 2024 04:36:50 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:34:05 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
245537
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
at.min.css
static.everyaction.com/ea-actiontag/
59 KB
12 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cad32c58f653cd5aab042f97017dcd8e86a44cbad12adc1422e9f60af68c25d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"13cc3bd6b0384d03ad93f2f71d046259"
age
84476
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
97FyEKGbZIaUbtckh08khV47MtDi67pdA0hk_jUezRRyLTR8w8VmMA==
date
Mon, 30 Sep 2024 02:38:27 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:34:05 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11716
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
dwg7avv.css
use.typekit.net/
3 KB
942 B
Stylesheet
General
Full URL
https://use.typekit.net/dwg7avv.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0cf5d52f67ae2abd5e7d4f4f078ec76ffa39eb58badc33c745c269cb21d92425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
720
date
Tue, 01 Oct 2024 02:06:22 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
Perez-Theme-Red.css
nvlupin.blob.core.windows.net/images/van/NGP/NGP33/1/95928/images/
8 KB
9 KB
Stylesheet
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP33/1/95928/images/Perez-Theme-Red.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
14c251be2496106417fac80a989bdc52d8fa86236d31b2eab63ed9919fa8683e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8D9F0C295E1E23C
x-ms-request-id
f0dded7a-c01e-0030-6aa6-13db5f000000
Access-Control-Allow-Origin
*
Content-Length
8577
Date
Tue, 01 Oct 2024 02:06:22 GMT
Content-Type
text/css
Last-Modified
Tue, 15 Feb 2022 20:34:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
Perez-White-Logo-RGB.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP33/1/95928/images/
301 KB
302 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP33/1/95928/images/Perez-White-Logo-RGB.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
01c46fefc0600fc579ffa94f71ac75038c8cd793f9ec8881a5676cc36d8a0359

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8D9F0BC7150DC17
x-ms-request-id
fe7931e7-101e-0051-6ba6-13f81c000000
Access-Control-Allow-Origin
*
Content-Length
308724
Date
Tue, 01 Oct 2024 02:06:22 GMT
Content-Type
image/png
Last-Modified
Tue, 15 Feb 2022 19:50:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/
134 KB
44 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-68.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.ngpvan.com
Referer
https://secure.ngpvan.com/

Response headers

Content-Encoding
gzip
x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
ETag
W/"156be461dd96d02fce3792c020f7748a"
Age
22
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Di6ebRvdsFBNGr95gcEmCVtpR2rqgrx6gULAritmsJBn_HPr7rOD_w==
Date
Tue, 01 Oct 2024 02:06:22 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=60
Connection
keep-alive
Via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
MUC50-P1
Server
AmazonS3
x-amz-server-side-encryption
AES256
_Incapsula_Resource
secure.ngpvan.com/
86 KB
20 KB
Script
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=937257914
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f59553c266dac9590ecaf40c8b92ff87af28b00180829734273a48b98bb9373b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-encoding
gzip
content-length
20842
content-type
application/javascript
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=dwg7avv&ht=tk&f=139.173.175.5474&a=86630781&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dwg7avv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"6649f74c-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Tue, 01 Oct 2024 02:06:22 GMT
content-type
text/css
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
120 KB
47 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

content-md5
MPOa5dHQWkOQRqdkBRC0hg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DC490392FC747D
age
1623
x-ms-version
2009-09-19
expires
Tue, 01 Oct 2024 02:36:22 GMT
x-cache
HIT
date
Tue, 01 Oct 2024 02:06:22 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-meta-lastmodified
2020-10-07 00:07:47
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-ms-request-id
73608a93-501e-0053-68a2-1303ae000000
access-control-allow-origin
*
x-ms-meta-aijssdkver
2.8.18
content-length
48078
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CFD)
extra.min.css
static.everyaction.com/ea-actiontag/
78 KB
14 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4b7412402d8c1482f4d5de6edb0769fcd0e9d7a88dfb3d63cc617a17e44c95b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"4c5cac5fc24947799b837e9b4c669f3a"
age
2532
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
6gOpWrhK_W-iwUNJUFXWWfnfHU9DAt2C2Ko02aEUINemgcaLhmgsgw==
date
Tue, 01 Oct 2024 01:24:10 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:34:05 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14169
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
J9Dc25pEuEilBkYRyyOYLQ2
secure.ngpvan.com/v1/Forms/
2 KB
1 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/J9Dc25pEuEilBkYRyyOYLQ2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
99a8637268984abb3ea9dc01222946a6b5c9e512e5cfa8e34d23d7b325a337f7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

strict-transport-security
max-age=31536000
x-iinfo
4-73516857-73516868 PNNN RT(1727748381391 983) q(0 0 0 -1) r(1 1) U18
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-length
975
date
Tue, 01 Oct 2024 02:06:22 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dwg7avv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.ngpvan.com
Referer
https://use.typekit.net/dwg7avv.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"79fea02668402fc378c129193093131a2db2577c"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33576
date
Tue, 01 Oct 2024 02:06:23 GMT
content-type
application/font-woff2
server
nginx
_Incapsula_Resource
secure.ngpvan.com/
1 B
35 B
Image
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2222907248471817
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-length
1
content-type
text/plain
profile
fastaction.ngpvan.com/api/v3/
149 B
883 B
XHR
General
Full URL
https://fastaction.ngpvan.com/api/v3/profile?_=1727748382817
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
38bc2ea55d6f07abbb47e7ac1e714a86dd322820dda7714a3a68b6594ede58c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
x-iinfo
4-73516857-73517155 NNNY CT(86 179 0) RT(1727748381391 1320) q(0 0 0 1) r(0 1) U4
content-encoding
gzip
etag
W/"95-Km1ym8yMsk5IxbcDYwpRvv3Q9AQ"
x-cdn
Imperva
access-control-allow-credentials
true
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-allow-origin
https://secure.ngpvan.com
content-length
265
p3p
CP="NOI ADM DEV COM NAV OUR STP"
date
Tue, 01 Oct 2024 02:06:23 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding,Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/
34 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dwg7avv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.ngpvan.com
Referer
https://use.typekit.net/dwg7avv.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"b5fef031a96fc670f9c3b1b64dd52243a29d7531"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34336
date
Tue, 01 Oct 2024 02:06:23 GMT
content-type
application/font-woff2
server
nginx
J9Dc25pEuEilBkYRyyOYLQ2
secure.ngpvan.com/v1/Track/
0
180 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/J9Dc25pEuEilBkYRyyOYLQ2?formSessionId=197e3b20-cb5c-47f3-b992-1262ed1cecfa&bName=chrome&dType=desktop&formVersion=2/22/2022%205:48:31%20PM|2/15/2023%208:26:06%20PM&fUrl=aHR0cHM6Ly9zZWN1cmUubmdwdmFuLmNvbS9KOURjMjVwRXVFaWxCa1lSeXlPWUxRMg%3D%3D&fRef=
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2

Response headers

strict-transport-security
max-age=31536000
x-iinfo
4-73516857-73516868 PNNN RT(1727748381391 1312) q(0 0 0 -1) r(1 1) U2
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
no-cache
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
expires
-1
content-length
0
date
Tue, 01 Oct 2024 02:06:22 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/
9 KB
9 KB
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

access-control-max-age
3000
etag
"babd47dc25531a9faeadc04f1afa1910"
age
75679
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
dU4rCUg76btDLYsekV8vR8vrCJ06li7chNf05dN6UfputOcMjhH3iA==
date
Mon, 30 Sep 2024 05:05:05 GMT
content-type
image/svg+xml
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
cache-control
max-age=86400
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
9203
x-amz-cf-pop
FRA56-P6
server
AmazonS3
fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/
9 KB
0
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/

Response headers

access-control-max-age
3000
etag
"babd47dc25531a9faeadc04f1afa1910"
age
75679
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
dU4rCUg76btDLYsekV8vR8vrCJ06li7chNf05dN6UfputOcMjhH3iA==
date
Mon, 30 Sep 2024 05:05:05 GMT
content-type
image/svg+xml
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
cache-control
max-age=86400
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
9203
x-amz-cf-pop
FRA56-P6
server
AmazonS3
favicon.ico
secure.ngpvan.com/Content/images/
Redirect Chain
  • https://secure.ngpvan.com/favicon.ico
  • https://secure.ngpvan.com/Content/images/favicon.ico
15 KB
15 KB
Other
General
Full URL
https://secure.ngpvan.com/Content/images/favicon.ico
Protocol
H2
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.ngpvan.com/J9Dc25pEuEilBkYRyyOYLQ2

Response headers

x-iinfo
4-73516857-0 0CNN RT(1727748381391 1561) q(0 -1 -1 -1) r(0 -1)
access-control-expose-headers
Request-Context
etag
"025b43a794db1:0"
x-cdn
Imperva
content-length
15086
date
Tue, 01 Oct 2024 02:06:22 GMT
last-modified
Wed, 11 Sep 2024 18:34:26 GMT
content-type
image/x-icon

Redirect headers

x-iinfo
4-73516857-73516868 PNNN RT(1727748381391 1447) q(0 0 0 -1) r(1 1) U11
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
location
https://secure.ngpvan.com/Content/images/favicon.ico
x-cdn
Imperva
content-length
175
date
Tue, 01 Oct 2024 02:06:22 GMT
content-type
text/html; charset=utf-8
server
Microsoft-IIS/10.0
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.ngpvan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 01 Oct 2024 02:06:23 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
7da29812a27818f29ecedee8a3338f0f291d2237f97b10f4a42d522b9571d007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:06:23 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| cookieSettingsAcceptCookiesAi
string| appInsightsSDK
object| appInsights
function| handleScriptLoadError
object| VgForm
object| SecureForm
object| VGSCollect
function| _
object| Backbone
object| CSSModal
object| nvtag
object| dataLayer
object| _gaq
object| nvtag_plugins
object| _0x4629
function| _0x9462
object| numberA
object| formview
object| Microsoft
object| __dynProto$Gbl

8 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: visid_incap_1002065
Value: zWNn/jaCSnWy+XWYMhKzax1Z+2YAAAAAQUIPAAAAAABG4ztCgIG9XpjtnUbf9AT7
.ngpvan.com/ Name: nlbi_1002065
Value: GgyLDza3UVetpDwe0IOYSwAAAAAwgBRcOJ+csjdCtovz1eg6
.ngpvan.com/ Name: incap_ses_473_1002065
Value: mbmhaiTiJWw5+A8jCm+QBh1Z+2YAAAAAQyj8bKVSLBNuOPUTHfVyKw==
secure.ngpvan.com/ Name: ai_user
Value: QVeuMA7q6PMk9A0IYYUmLw|2024-10-01T02:06:23.236Z
secure.ngpvan.com/ Name: ai_session
Value: Mh4uDnIIaMawOFr5EaRLLw|1727748383246|1727748383246
.ngpvan.com/ Name: visid_incap_972453
Value: Mg0IylXUQGm3FkXQ44hYwR5Z+2YAAAAAQUIPAAAAAABxAMnHFnly54m91hlnAH0Q
.ngpvan.com/ Name: nlbi_972453
Value: 2hnHSYeSUD5jK/TN+GeOKAAAAACMC6Cm9GnSrnHxUbYm8FXc
.ngpvan.com/ Name: incap_ses_473_972453
Value: GfWcDlBK8hBr+Q8jCm+QBh5Z+2YAAAAAvzFCPaFiNkkYYViyaLFqlg==

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
