secure.ngpvan.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.ngpvan.com/k/12092492/123940636/61306071?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-...
Effective URL:
https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2...
Submission: On November 21 via api (November 21st 2019, 8:09:11 pm UTC) from US

Summary HTTP 43 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 43 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is secure.ngpvan.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 8th 2018. Valid for: 3 years.

This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	143.204.101.72 143.204.101.72	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2600:9000:20e... 2600:9000:20eb:3400:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	40.114.13.25 40.114.13.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	143.204.98.191 143.204.98.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
43	15

12 45.60.33.183 (United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)

click.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.72 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-72.fra50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20eb:3400:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.191 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-191.fra50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ngpvan.com 1 redirects click.ngpvan.com secure.ngpvan.com profile.ngpvan.com fastaction.ngpvan.com actions.ngpvan.com	31 KB
9	google-analytics.com www.google-analytics.com	18 KB
6	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	367 KB
2	visualstudio.com dc.services.visualstudio.com	830 B
2	twitter.com platform.twitter.com	29 KB
2	facebook.net connect.facebook.net	61 KB
2	googletagmanager.com www.googletagmanager.com	49 KB
2	windows.net nvlupin.blob.core.windows.net	30 KB
1	everyaction.com secure.everyaction.com	1 KB
1	doubleclick.net stats.g.doubleclick.net	136 B
1	facebook.com staticxx.facebook.com
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	verygoodvault.com js.verygoodvault.com	24 KB
1	googleapis.com fonts.googleapis.com	884 B
43	14

	Domain	Requested by
9	www.google-analytics.com	www.googletagmanager.com secure.ngpvan.com
8	secure.ngpvan.com	secure.ngpvan.com az416426.vo.msecnd.net
5	d3rse9xjbp8270.cloudfront.net	secure.ngpvan.com d3rse9xjbp8270.cloudfront.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
2	platform.twitter.com	secure.ngpvan.com platform.twitter.com
2	connect.facebook.net	secure.ngpvan.com connect.facebook.net
2	www.googletagmanager.com	secure.ngpvan.com d3rse9xjbp8270.cloudfront.net
2	nvlupin.blob.core.windows.net	secure.ngpvan.com
1	secure.everyaction.com	az416426.vo.msecnd.net
1	stats.g.doubleclick.net	secure.ngpvan.com
1	actions.ngpvan.com	secure.ngpvan.com
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	staticxx.facebook.com	connect.facebook.net
1	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com
1	az416426.vo.msecnd.net	secure.ngpvan.com
1	js.verygoodvault.com	secure.ngpvan.com
1	fonts.googleapis.com	secure.ngpvan.com
1	click.ngpvan.com	1 redirects
43	19

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com

Subject Issuer	Validity	Valid
*.ngpvan.com RapidSSL RSA CA 2018	`2018-02-08` - `2021-02-07`	3 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 5	`2019-05-22` - `2021-05-22`	2 years	crt.sh
*.verygoodvault.com Amazon	`2019-05-15` - `2020-06-15`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2019-10-28` - `2021-10-28`	2 years	crt.sh
*.everyaction.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-19` - `2021-02-18`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Frame ID: 748DECE09E2B676D9C0D1502AAD583F1
Requests: 42 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 42534301D643655EF007FD4A25829C10
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.18ff99b5096ff173368df1a320e00cbf.html?origin=https%3A%2F%2Fsecure.ngpvan.com
Frame ID: 895CFE76A862D4B6BF066807952A89B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.ngpvan.com/k/12092492/123940636/61306071?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi... HTTP 302
https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

43
Requests

100 %
HTTPS

50 %
IPv6

14
Domains

19
Subdomains

15
IPs

5
Countries

631 kB
Transfer

1922 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.ngpvan.com/k/12092492/123940636/61306071?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292&nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDcvMS83Nzg3NCIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICIyZWRkNjY4MS05OTBjLWVhMTEtODI4Yi0yODE4Nzg0ZDZkNjgiLA0KICAiRW1haWxBZGRyZXNzIjogImRia2Vob2VAY21zZW5lcmd5LmNvbSINCn0%3D&hmac=L74Vu8rhJ14xzaSdEfWpdwzhGx6s4mnP6WC52CtxGjU= HTTP 302
https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set IyM7NZHCp0y7bcOVdSicuQ2 Show response
secure.ngpvan.com/
Redirect Chain

https://click.ngpvan.com/k/12092492/123940636/61306071?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292&nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zh...
https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

7 KB
4 KB

167ms
145ms

Document
text/html

45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

b4f76213bd8cde50dd2cc6ca77dd6f167ced2ec69e6e7dbf300acdc186124944

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secure.ngpvan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Cookie: visid_incap_1392936=4TgqG3VyTDm1pDWQ6Hsez3Hu1l0AAAAAQUIPAAAAAAAF/Qmi3g0JRKtRJJiu+RL9; nlbi_1392936=zR3TelJfxxdoANouEgJYbgAAAABNP0kJY2waRSnNottN1uey; incap_ses_727_1392936=mfPDHJbvsUnn9b+b29MWCtXu1l0AAAAAnFn0W04lcUBYLHlN18Wf8g==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: TiPMix=55.557836059275; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600 x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600 visid_incap_1002065=0bjHPWTWTimFV8c39Ye7oNXu1l0AAAAAQUIPAAAAAABZwEnryk4EP5/+2A4YVnWl; expires=Fri, 20 Nov 2020 09:31:41 GMT; path=/; Domain=.ngpvan.com nlbi_1002065=yceTAyvIfX0Iw/9A/jHQnQAAAABZiPtRAtn9UOdbm3quzcMO; path=/; Domain=.ngpvan.com incap_ses_727_1002065=FQR0NnpcSVf5ScCb29MWCtXu1l0AAAAAidZy3FeH9ZMoBSiFf8cdGw==; path=/; Domain=.ngpvan.com
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Thu, 21 Nov 2019 20:08:53 GMT
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 5-18899779-18899781 NNNY CT(0 0 0) RT(1574366933129 10) q(0 0 0 0) r(1 1) U12

Redirect headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Location: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
X-Powered-By: ASP.NET
Date: Thu, 21 Nov 2019 20:08:53 GMT
Content-Length: 0
Set-Cookie: visid_incap_1392936=4TgqG3VyTDm1pDWQ6Hsez3Hu1l0AAAAAQUIPAAAAAAAF/Qmi3g0JRKtRJJiu+RL9; expires=Fri, 20 Nov 2020 09:31:41 GMT; path=/; Domain=.ngpvan.com nlbi_1392936=zR3TelJfxxdoANouEgJYbgAAAABNP0kJY2waRSnNottN1uey; path=/; Domain=.ngpvan.com incap_ses_727_1392936=mfPDHJbvsUnn9b+b29MWCtXu1l0AAAAAnFn0W04lcUBYLHlN18Wf8g==; path=/; Domain=.ngpvan.com
X-CDN: Incapsula
X-Iinfo: 12-21030549-21030554 NNNN CT(91 178 0) RT(1574366932718 8) q(0 0 2 1) r(4 4) U11

GET
H2 200 css
fonts.googleapis.com/ 2 KB
884 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,700&display=swap

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

470d1bb7d3409a7f32dd665f97b1426339507defd5d0d9edd04c34014aace4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 21 Nov 2019 20:08:53 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 21 Nov 2019 20:08:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 21 Nov 2019 20:08:53 GMT

GET
H/1.1 200
OK Kildee.css
nvlupin.blob.core.windows.net/images/van/NGP/NGP07/1/77874/images/ 5 KB
6 KB 417ms
106ms Stylesheet
text/css 52.239.157.138
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP07/1/77874/images/Kildee.css
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f7347d37d24201befdadbb3dd17d52d370248a0504a4918458352fe8637d83b

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 21 Nov 2019 20:08:52 GMT
Last-Modified: Tue, 08 Oct 2019 00:23:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D74B85BA1A4679
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 6cbb1861-e01e-00f1-45a7-a0c06b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 5537

GET
H/1.1 200
OK script-error Show response
secure.ngpvan.com/js/ 228 B
527 B 8ms
7ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 14:33:41 GMT
X-CDN: Incapsula
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 5-18899779-0 0CNN RT(1574366933129 162) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=19247088, public
Content-Length: 163
Expires: Wed, 01 Jul 2020 14:33:41 GMT

GET
H/1.1 200
OK DKLogo_noborder.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP07/1/77874/images/ 23 KB
24 KB 427ms
116ms Image
image/png 52.239.157.138
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP07/1/77874/images/DKLogo_noborder.png
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4ef74104fd733282726d7875c5e6db592f00d27631a60560aec96d885f2bce6

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 21 Nov 2019 20:08:53 GMT
Last-Modified: Mon, 07 Oct 2019 17:46:11 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D74B4E3DFBB904
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: c624362f-a01e-00df-41a7-a040ac000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 23941

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 57ms
21ms Script
application/javascript 143.204.101.72
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.72 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78ebccc287e4866e4118321f60611002001dae10272b8a35de2862e5248c0fbc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Origin: https://secure.ngpvan.com

Response headers

Date: Thu, 21 Nov 2019 14:56:41 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Nov 2019 05:33:13 GMT
Server: AmazonS3
Vary: Accept-Encoding,Origin
Access-Control-Allow-Methods: GET
x-amz-version-id: 6cCRUeDhvjcavwQT3kNUfEVAAXdplf0f
Access-Control-Allow-Origin: *
Content-Type: application/javascript
X-Amz-Cf-Id: LAbP7c7adaDM_qO56ZWtw7g2pVV5fXDXAzbn2Y4d_tgyDMfcDWzdWQ==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 794 KB
226 KB 37ms
8ms Script
application/javascript 2600:9000:20eb:3400:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f53da8b4b82c6fdafa33b3592a95706e847b3888d396356c2c7dfc63c993137

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Origin: https://secure.ngpvan.com

Response headers

date: Thu, 21 Nov 2019 13:38:01 GMT
content-encoding: gzip
age: 23453
x-cache: Hit from cloudfront
status: 200
content-length: 230242
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 13:35:38 GMT
server: AmazonS3
etag: "42e3c6dad08579d125bc3e04bf3bc174"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: VdQcrG4cHdKUMAyGbubvuaXxm2rtToIy-ZB1_WJ22CZd2vzsbj4nIQ==

GET
H/1.1 200
OK base-js.gif
secure.ngpvan.com/Content/images/ 35 B
298 B 7ms
6ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/Content/images/base-js.gif
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

X-Iinfo: 5-18899779-0 0CNN RT(1574366933129 285) q(0 -1 -1 -1) r(0 -1)
Date: Thu, 21 Nov 2019 20:08:53 GMT
Last-Modified: Fri, 15 Nov 2019 00:08:56 GMT
X-CDN: Incapsula
Etag: "0dc15df489bd51:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK _Incapsula_Resource Show response
secure.ngpvan.com/ 118 KB
17 KB 13ms
12ms Script
application/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=556846347
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 89d8424097e964915f45a880d19ec4c15ca9ff1b400632d6375d70e1538c381b

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache
X-Robots-Tag: noindex
Content-Length: 17249
Content-Type: application/javascript

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 95 KB
22 KB 30ms
6ms Script
application/x-javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Nov 2019 20:08:54 GMT
content-encoding: gzip
content-md5: 7JhCKwvLjoUoS5N/nN9LRA==
x-cache: HIT
status: 200
content-length: 21636
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2019 21:34:18 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D6EEB48F61B4AC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 90bce6b5-801e-0121-6355-a0cf80000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, immutable
x-ms-version: 2009-09-19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
26 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc7fd1db579dc384ce8913233b14e3fd34a8616bf266a37de2e0c5a11742ff57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 20:08:53 GMT
content-encoding: br
last-modified: Thu, 21 Nov 2019 19:12:49 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 26241
x-xss-protection: 0
expires: Thu, 21 Nov 2019 20:08:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

705338e48360c8f1f4d0f5065d6cb06d3f6809dabe793a86c008ed58d2114118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: j0+GqWPApRe7NFSuGeToWg==
status: 200
date: Thu, 21 Nov 2019 20:08:53 GMT
expires: Thu, 21 Nov 2019 20:10:09 GMT
alt-svc: h3-23=":443"; ma=3600
content-length: 1779
x-fb-debug: pz87m/9S16mOnQkHm5fDGuh2eb7QFJwSIpT6UutahOxHGmJjGS7dh8yu7/V3sh/4WvZ2Fpe2Y4bue+CxQKiK3w==
x-fb-trip-id: 420120009
x-fb-content-md5: 44f8459965b8433033f69092e7320a12
etag: "3b500e66cf8bb5cb0529ee6da1c45d7a"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 290ms
271ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: 0d5d54d040b7904a1980296edc2bb8337e091e2d6e354c5ad5f1b4765a54dd8b

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 20:08:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Nov 2019 22:41:07 GMT
Server: ECS (fcn/41A0)
Etag: "36bfc359950279f61a599a6f5308ee0f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28823

GET
H/1.1 200
OK with-js.gif
secure.ngpvan.com/Content/images/ 35 B
298 B 8ms
6ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/Content/images/with-js.gif
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

X-Iinfo: 5-18899779-0 0CNN RT(1574366933129 604) q(0 -1 -1 -1) r(0 -1)
Date: Thu, 21 Nov 2019 20:08:53 GMT
Last-Modified: Wed, 20 Nov 2019 23:49:00 GMT
X-CDN: Incapsula
Etag: "03eb114fd9fd51:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK _Incapsula_Resource
secure.ngpvan.com/ 1 B
195 B 10ms
9ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7737439735832659
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Cache-Control: no-cache
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fd8368ef03a724602bbc94a2436f838a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8ffec74f155728e829b6677df4cd8fecccdaa558566203909194e635ec7fb7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Origin: https://secure.ngpvan.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iaEfdKV0rX+yEVZTfi9qWQ==
status: 200
date: Thu, 21 Nov 2019 20:08:54 GMT
expires: Fri, 20 Nov 2020 19:29:24 GMT
alt-svc: h3-23=":443"; ma=3600
content-length: 59475
x-fb-debug: 2RWeQs0wd+ScFjSEOhN+nYUhzNsoOfp4GIDnUtfsIF6VzgbKGuHxRck/ALxcpxXMJjYEe+SrrEMhM8TrK8id0Q==
x-fb-trip-id: 420120009
x-fb-content-md5: f49676e41caa57d907e43a42c1c514a7
etag: "473ca0ded0da4312614f85f25e3cc733"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK identity Show response
profile.ngpvan.com/ 72 B
957 B 499ms
126ms Script
text/javascript 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

4935587be0bf4332f2e4367f22756ef311b94b061502e3c6e4c61771d665f5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 20:08:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type: text/javascript; charset=utf-8
Content-Length: 190
ETag: W/"48-jTb3HQf5nFYna6w8tFVJucvB6mo"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
24 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e15d2a7718f56893801e557e766c5b67936555bf318949713f4243d67db6315a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 20:08:54 GMT
content-encoding: br
last-modified: Thu, 21 Nov 2019 19:12:49 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23975
x-xss-protection: 0
expires: Thu, 21 Nov 2019 20:08:54 GMT

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 37ms
21ms Stylesheet
text/css 2600:9000:20eb:3400:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6da6a439f556d49a78c6552b27cc4e64437574cfe807163470a31021d9b5874

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 13:38:02 GMT
content-encoding: gzip
age: 23453
x-cache: Hit from cloudfront
status: 200
content-length: 20551
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 13:35:38 GMT
server: AmazonS3
etag: "05c7ec9c3db23661d1b181e21b0a77c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: WCQ55zIqMyYXrl49MP7Pkr_QhWgE4gtXBvZNwbD7VSiezUIti0O6HA==

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 91 KB
16 KB 34ms
18ms Stylesheet
text/css 2600:9000:20eb:3400:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460d19fb3e7eab2e0545cb51c33cae7bb49acf0dccb757d3b8f80c1fd98bb683

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 13:38:02 GMT
content-encoding: gzip
age: 23453
x-cache: Hit from cloudfront
status: 200
content-length: 15705
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 13:35:38 GMT
server: AmazonS3
etag: "333837eac5d8ffacfe4d72ed6deebba7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: fwyTCp2ZL5yxFM76xz0xyjkSt1JR2D9S0DWhICKF8em98zlqPkdSzA==

GET
H/1.1 200
OK IyM7NZHCp0y7bcOVdSicuQ2 Show response
secure.ngpvan.com/v1/Forms/ 5 KB
3 KB 145ms
145ms XHR
application/json 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/IyM7NZHCp0y7bcOVdSicuQ2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

1acce9d038a99fff847da493a7f0e92a9635bd36c88e9c10ffe9c1617a26fa48

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
X-Requested-With: XMLHttpRequest
Request-Id: |uv+R8.R8vDt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 5-18899779-18899781 SNNy RT(1574366933129 725) q(0 0 0 -1) r(1 1) U2
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Thu, 21 Nov 2019 20:07:15 GMT
Date: Thu, 21 Nov 2019 20:08:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8; =utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
ETag: "a03d38dd-0805-4cca-890d-8e0599470ac4"
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: -1

GET
H/1.1 200
OK sweetspot.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 8 KB
9 KB 23ms
7ms Script
application/x-javascript 143.204.98.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.191 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-191.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 03:11:10 GMT
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Age: 61065
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8149
Last-Modified: Wed, 01 Mar 2017 15:31:32 GMT
Server: AmazonS3
ETag: "37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: h9Vk4EfrQnJpvVK8AeSNrRLV5EAt6eAhCv5l1s4dqf2Mh85BMG_W6A==

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 4253 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fd8368ef03a724602bbc94a2436f838a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Wed, 18 Nov 2020 21:40:50 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: ypnMx/c8yg7/iZ9FB45qXOqtAWa1MLyDKLXbwlM87MXBYPYp4jCBjJukEdX38vYP9ti7gWA79PJC2bSMCiib+g==
content-length: 12402
x-fb-trip-id: 420120009
date: Thu, 21 Nov 2019 20:08:54 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5717
date: Thu, 21 Nov 2019 18:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 21 Nov 2019 20:33:37 GMT

GET
H/1.1 200
OK identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 419ms
398ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1574366934275=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

591281ac17c96168372c535cff28fd54d7ed58e45e1b46454ca1434b3a2a49a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Powered-By: Express
Transfer-Encoding: chunked
P3p: CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo: 7-11813743-11813744 NNYN CT(86 184 0) RT(1574366934021 8) q(0 0 3 -1) r(4 4) U4
Connection: keep-alive
Content-Encoding: gzip
Etag: W/"ba-953584398"
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server: Cowboy
Date: Thu, 21 Nov 2019 20:08:54 GMT
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 9ms
8ms Font
application/font-woff2 2600:9000:20eb:3400:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin: https://secure.ngpvan.com

Response headers

date: Fri, 25 Oct 2019 01:48:44 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
age: 9414
x-cache: Hit from cloudfront
status: 200
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: WBORzzE3H_-4TXSujDKGZkASOGlEST-o5M85ZJ5aXSbf244vxYapVw==

GET
H2 200 fast-action.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 1019 B
1 KB 7ms
7ms Image
image/png 2600:9000:20eb:3400:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 12:23:36 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
age: 4002318
x-cache: Hit from cloudfront
status: 200
content-length: 1019
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "fe324c0498d28e434d58e6d547ba19a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: vMKs0wcWt_b-R1y-3mTIYhpM1bEBZ20PcK8PVMrcsaTkLWsGUxlf7g==

GET
H/1.1 200
OK IyM7NZHCp0y7bcOVdSicuQ2
actions.ngpvan.com/v1/Track/ 0
756 B 137ms
116ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.ngpvan.com/v1/Track/IyM7NZHCp0y7bcOVdSicuQ2

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Expires: -1
X-CDN: Incapsula
Date: Thu, 21 Nov 2019 20:08:54 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 13-29734033-29728660 PNNy RT(1574366934055 8) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Content-Length: 0
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
12ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1526500678&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Downloading&utt=153&_u=YEBAAEAB~&jid=1226318284&gjid=762132605&cid=38107938.1574366934&tid=UA-28243511-22&_gid=2072909155.1574366934&_r=1&gtm=2wgav95L2FSL&z=1218999964

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 20:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
97 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1526500678&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAB~&jid=200723935&gjid=184147801&cid=38107938.1574366934&tid=UA-28243511-23&_gid=2072909155.1574366934&gtm=2wgav95L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP07%2F1%2F77874&cd4=1035952&cd5=SV%20Impeachment&cd6=IyM7NZHCp0y7bcOVdSicuQ2&z=819357648

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8303
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
136 B 16ms
15ms Image
image/gif 2a00:1450:400c:c08::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-28243511-23&cid=38107938.1574366934&jid=200723935&gjid=184147801&_gid=2072909155.1574366934&_u=YGDAgEAB~&z=1580062398

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 21 Nov 2019 20:08:54 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
14ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1526500678&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=PetitionForm&ea=Form%20Load&el=Minimal&ev=10&_u=YGDAAEAB~&jid=358744707&gjid=267277193&cid=38107938.1574366934&tid=UA-28243511-23&_gid=2072909155.1574366934&_r=1&gtm=2wgav95L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP07%2F1%2F77874&cd4=1035952&cd5=SV%20Impeachment&cd6=IyM7NZHCp0y7bcOVdSicuQ2&z=714898210

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 20:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1526500678&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Processing&utt=5&_u=YGDAAEAB~&jid=&gjid=&cid=38107938.1574366934&tid=UA-28243511-22&_gid=2072909155.1574366934&gtm=2wgav95L2FSL&z=2144074843

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8303
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1526500678&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Render&utt=17&_u=YGDAAEAB~&jid=&gjid=&cid=38107938.1574366934&tid=UA-28243511-22&_gid=2072909155.1574366934&gtm=2wgav95L2FSL&z=1052472816

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8303
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1526500678&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Fill&utt=9&_u=YGDAAEAB~&jid=&gjid=&cid=38107938.1574366934&tid=UA-28243511-22&_gid=2072909155.1574366934&gtm=2wgav95L2FSL&z=1308192032

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8303
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1526500678&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Form&utt=188&_u=YGDAAEAB~&jid=&gjid=&cid=38107938.1574366934&tid=UA-28243511-22&_gid=2072909155.1574366934&gtm=2wgav95L2FSL&z=1032760965

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8303
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1526500678&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2FIyM7NZHCp0y7bcOVdSicuQ2%3Femci%3D6eca4f5c-970c-ea11-828b-2818784d6d68%26emdi%3D2edd6681-990c-ea11-828b-2818784d6d68%26ceid%3D7989292&ul=en-us&de=UTF-8&dt=Tell%20Dan%20What%20You%20Think!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Total&utt=235&_u=YGDAAEAB~&jid=&gjid=&cid=38107938.1574366934&tid=UA-28243511-22&_gid=2072909155.1574366934&gtm=2wgav95L2FSL&z=1957170424

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8303
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.18ff99b5096ff173368df1a320e00cbf.html
platform.twitter.com/widgets/ Frame 895C 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.18ff99b5096ff173368df1a320e00cbf.html?origin=https%3A%2F%2Fsecure.ngpvan.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419B) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Nov 2019 20:08:54 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Tue, 19 Nov 2019 21:57:05 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419B)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H/1.1 200
OK nvtag Show response
profile.ngpvan.com/v2/data/awpc1bAxjPzPwoFYEb6aL0o1/ 2 B
788 B 401ms
125ms XHR
application/json 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/awpc1bAxjPzPwoFYEb6aL0o1/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Origin: https://secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 20:08:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.ngpvan.com
Access-Control-Allow-Credentials: true
Content-Length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 85ms
20ms XHR
text/plain 51.140.6.23
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.ngpvan.com
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Nov 2019 20:08:54 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
519 B 442ms
442ms XHR
application/json 51.140.6.23
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

411122d14adc4bc002b891888c499170fed6159ad31ebf2474abc79fe71aadb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Origin: https://secure.ngpvan.com
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 39E9D250-6BE5-47C2-88F3-3D52136F6BB4
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 21 Nov 2019 20:08:54 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

GET
H/1.1 204
No Content awpc1bAxjPzPwoFYEb6aL0o1 Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 126ms
105ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/awpc1bAxjPzPwoFYEb6aL0o1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
Origin: https://secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Thu, 21 Nov 2019 20:08:54 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.ngpvan.com
X-Iinfo: 12-21031103-21027631 PNNy RT(1574366934726 9) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content awpc1bAxjPzPwoFYEb6aL0o1 Show response
secure.ngpvan.com/Databag/Profile/ 0
679 B 106ms
105ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/awpc1bAxjPzPwoFYEb6aL0o1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.ngpvan.com/IyM7NZHCp0y7bcOVdSicuQ2?emci=6eca4f5c-970c-ea11-828b-2818784d6d68&emdi=2edd6681-990c-ea11-828b-2818784d6d68&ceid=7989292
X-Requested-With: XMLHttpRequest
Request-Id: |uv+R8.waHFo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Thu, 21 Nov 2019 20:08:54 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 5-18899779-18899781 SNNy RT(1574366933129 1586) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_972453 Value: +R9aQrWNCDvNfp3eMvukzwAAAACipavAJIl0viSs0wiea2Wy
.ngpvan.com/	1970-01-19 05:19:26	Name: _gat_UA-28243511-23 Value: 1
secure.ngpvan.com/	1970-01-19 14:05:02	Name: ai_user Value: ldh9Z\|2019-11-21T20:08:54.080Z
.ngpvan.com/	1970-01-19 22:50:38	Name: _ga Value: GA1.2.38107938.1574366934
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_727_1002065 Value: FQR0NnpcSVf5ScCb29MWCtXu1l0AAAAAidZy3FeH9ZMoBSiFf8cdGw==
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: yceTAyvIfX0Iw/9A/jHQnQAAAABZiPtRAtn9UOdbm3quzcMO
.ngpvan.com/	1970-01-19 14:04:24	Name: visid_incap_1002065 Value: 0bjHPWTWTimFV8c39Ye7oNXu1l0AAAAAQUIPAAAAAABZwEnryk4EP5/+2A4YVnWl
secure.ngpvan.com/	1970-01-19 05:19:28	Name: ai_session Value: EtNSl\|1574366934269.455\|1574366934269.455
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_727_972453 Value: bWdODFH7pi9GS8Cb29MWCtbu1l0AAAAANEiBq6tMWh9zDn/94Pz40A==
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1392936 Value: zR3TelJfxxdoANouEgJYbgAAAABNP0kJY2waRSnNottN1uey
.ngpvan.com/	1970-01-19 05:19:26	Name: _dc_gtm_UA-28243511-23 Value: 1
.ngpvan.com/	1970-01-19 05:20:53	Name: _gid Value: GA1.2.2072909155.1574366934
.secure.ngpvan.com/	1970-01-19 05:19:30	Name: x-ms-routing-name Value: self
.secure.ngpvan.com/	1970-01-19 05:19:30	Name: TiPMix Value: 55.557836059275
.ngpvan.com/	1970-01-19 05:19:26	Name: _gat_UA-28243511-22 Value: 1
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_727_1392936 Value: mfPDHJbvsUnn9b+b29MWCtXu1l0AAAAAnFn0W04lcUBYLHlN18Wf8g==
.ngpvan.com/	1970-01-19 14:04:24	Name: visid_incap_972453 Value: kTQC8+QmR5uhjCfax/V8sdbu1l0AAAAAQUIPAAAAAACF0TZxGyKfc1JZv7je2Z0c
.ngpvan.com/	1970-01-19 14:04:24	Name: visid_incap_1392936 Value: 4TgqG3VyTDm1pDWQ6Hsez3Hu1l0AAAAAQUIPAAAAAAAF/Qmi3g0JRKtRJJiu+RL9

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading: 153.110107421875ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing: 5.439208984375ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render: 17.48681640625ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill: 9.095703125ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form: 188.608154296875ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 234.765869140625ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.ngpvan.com
az416426.vo.msecnd.net
click.ngpvan.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
fonts.googleapis.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
staticxx.facebook.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
143.204.101.72
143.204.98.191
152.199.19.160
2600:9000:20eb:3400:12:303c:8700:21
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:820::200a
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
40.114.13.25
45.60.33.183
51.140.6.23
52.239.157.138
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
0d5d54d040b7904a1980296edc2bb8337e091e2d6e354c5ad5f1b4765a54dd8b
0f53da8b4b82c6fdafa33b3592a95706e847b3888d396356c2c7dfc63c993137
1acce9d038a99fff847da493a7f0e92a9635bd36c88e9c10ffe9c1617a26fa48
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
411122d14adc4bc002b891888c499170fed6159ad31ebf2474abc79fe71aadb2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
460d19fb3e7eab2e0545cb51c33cae7bb49acf0dccb757d3b8f80c1fd98bb683
470d1bb7d3409a7f32dd665f97b1426339507defd5d0d9edd04c34014aace4fd
4935587be0bf4332f2e4367f22756ef311b94b061502e3c6e4c61771d665f5ab
4f7347d37d24201befdadbb3dd17d52d370248a0504a4918458352fe8637d83b
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
591281ac17c96168372c535cff28fd54d7ed58e45e1b46454ca1434b3a2a49a3
705338e48360c8f1f4d0f5065d6cb06d3f6809dabe793a86c008ed58d2114118
78ebccc287e4866e4118321f60611002001dae10272b8a35de2862e5248c0fbc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89d8424097e964915f45a880d19ec4c15ca9ff1b400632d6375d70e1538c381b
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
8ffec74f155728e829b6677df4cd8fecccdaa558566203909194e635ec7fb7d0
b4f76213bd8cde50dd2cc6ca77dd6f167ced2ec69e6e7dbf300acdc186124944
b6da6a439f556d49a78c6552b27cc4e64437574cfe807163470a31021d9b5874
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e15d2a7718f56893801e557e766c5b67936555bf318949713f4243d67db6315a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ef74104fd733282726d7875c5e6db592f00d27631a60560aec96d885f2bce6
fc7fd1db579dc384ce8913233b14e3fd34a8616bf266a37de2e0c5a11742ff57

secure.ngpvan.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

50 %IPv6

14 Domains

19 Subdomains

15 IPs

5 Countries

631 kBTransfer

1922 kBSize

18 Cookies

7 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.ngpvan.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

50 %
IPv6

14
Domains

19
Subdomains

15
IPs

5
Countries

631 kB
Transfer

1922 kB
Size

18
Cookies

43 HTTP transactions
1 data transactions