URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Submission Tags: falconsandbox
Submission: On March 12 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 52 HTTP transactions. The main IP is 13.32.27.93, located in United States and belongs to AMAZON-02, US. The main domain is secure.joebiden.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 25th 2023. Valid for: a year.
This is the only time secure.joebiden.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
3 13.32.27.93 16509 (AMAZON-02)
4 2600:9000:249... 16509 (AMAZON-02)
1 2a04:4e42::649 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 20.60.58.97 8075 (MICROSOFT...)
21 18.172.112.16 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
5 45.60.33.183 19551 (INCAPSULA)
2 20.50.88.242 8075 (MICROSOFT...)
1 107.21.245.171 14618 (AMAZON-AES)
52 11
Apex Domain
Subdomains
Transfer
21 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 22942
554 KB
12 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 82539
530 KB
5 ngpvan.com
profile.ngpvan.com — Cisco Umbrella Rank: 55853
secure.ngpvan.com — Cisco Umbrella Rank: 152884
fastaction.ngpvan.com — Cisco Umbrella Rank: 114158
8 KB
4 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 85029
272 KB
3 joebiden.com
secure.joebiden.com
27 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 768
200 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
167 KB
1 verygood.systems
vgs-collect-keeper.apps.verygood.systems — Cisco Umbrella Rank: 68166
111 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2776
47 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
52 10
Domain Requested by
21 js.verygoodvault.com secure.joebiden.com
js.verygoodvault.com
12 nvlupin.blob.core.windows.net secure.joebiden.com
nvlupin.blob.core.windows.net
4 static.everyaction.com secure.joebiden.com
static.everyaction.com
3 secure.joebiden.com secure.joebiden.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 secure.ngpvan.com az416426.vo.msecnd.net
secure.joebiden.com
2 profile.ngpvan.com static.everyaction.com
az416426.vo.msecnd.net
2 cdnjs.cloudflare.com secure.joebiden.com
cdnjs.cloudflare.com
1 vgs-collect-keeper.apps.verygood.systems js.verygoodvault.com
1 fastaction.ngpvan.com az416426.vo.msecnd.net
1 az416426.vo.msecnd.net secure.joebiden.com
1 code.jquery.com secure.joebiden.com
52 12

This site contains links to these domains. Also see Links.

Domain
joebiden.com
fastaction.ngpvan.com
Subject Issuer Validity Valid
joe-biden-oa.edge.targetedaction.net
Amazon RSA 2048 M02
2023-04-25 -
2024-05-24
a year crt.sh
static.everyaction.com
Amazon RSA 2048 M02
2023-05-09 -
2024-06-06
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 06
2024-02-15 -
2024-06-27
4 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02
2023-12-19 -
2025-01-16
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-01-30 -
2025-01-30
a year crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-11-07 -
2024-11-06
a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03
2024-01-17 -
2025-01-11
a year crt.sh
*.apps.verygood.systems
Amazon RSA 2048 M01
2023-06-23 -
2024-07-21
a year crt.sh

This page contains 4 frames:

Primary Page: https://secure.joebiden.com/a/3presidents?attr=112964503
Frame ID: C51DA0220ECF17086504F26CDD7E47C8
Requests: 31 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 9449E39A7D966D59D9140E6EB25C5393
Requests: 3 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: C1CD6419B9FD4DAD749054073DEC78E3
Requests: 17 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 85ADF6337B35D275CDEFC1618B5EAD68
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Biden Victory Fund

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

40 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1637 kB
Transfer

3745 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3presidents
secure.joebiden.com/a/
11 KB
5 KB
Document
General
Full URL
https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-93.fra56.r.cloudfront.net
Software
/
Resource Hash
ce6ed04cc045150633068e3a8f54ee44a87f2e8a0da154402a1081b7f603eb1b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 09:03:24 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
KAi6s6UAtRGsEaXEZjVutOegNUDcxAiRlIL9vacWrRctl2aZkksJfw==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
6-28060023-28057871 2NNN RT(1710234204209 2) q(0 0 0 17) r(2 2)
x-xss-protection
1; mode=block
at.js
static.everyaction.com/ea-actiontag/
842 KB
236 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bedb8798259dcc4e32a7cf1c3867680d285be84c4081b4a7fe73b745202b0dc

Request headers

Referer
https://secure.joebiden.com/
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 04:21:09 GMT
content-encoding
gzip
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
16936
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
241400
last-modified
Tue, 05 Mar 2024 15:40:47 GMT
server
AmazonS3
etag
"b0b37f17f9dfdaa4aa2eb6ba17f3968a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
cVZ8XMlDjag3ZulyFCSDbI7kunqfbFNq8g3PSpbSVIsxRZrvY0NjOg==
at.min.css
static.everyaction.com/ea-actiontag/
59 KB
12 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ace7e5a67aeec033127347fe6d0e13b7ec27746fd1af2f8914efabce105451c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 04:04:08 GMT
content-encoding
gzip
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
17959
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11617
last-modified
Tue, 05 Mar 2024 15:40:47 GMT
server
AmazonS3
etag
"90d4effc4878fc473505b2be5f900a5e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
LflbLr8BijUO09olAaNkCIk10A5owdGlrlzbCrje5uXCNIamjMC3wQ==
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://secure.joebiden.com/
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2691823
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230113-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1710234205.652566,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
15, 291506
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/
99 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
311573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18688
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-4900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c715fY8YZqVMe95APxQW3mhzlzGt8ym0p3znrd6dj3TMnuwQEWpHH9ftFqZYBLvmgAW8KDnOZJLpF8xiYr6SJ%2Fd5idfd2u11wX7rkQirXNI7usdfc9D%2FkfnmH7rSYugnzCRrynvnSHEYTX7dkY4W3K4Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86329c62fe949bb9-FRA
expires
Sun, 02 Mar 2025 09:03:24 GMT
theme-scripts.js
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/
4 KB
4 KB
Script
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-scripts.js
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
52295346176abfcc8382f06325130aeb71662a47f0f2dcc10c2c9f539e1db81b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:24 GMT
Last-Modified
Mon, 24 Apr 2023 21:46:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB450D6B348EB0
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
f9c501bb-601e-0043-325c-74a10d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
3966
theme-styles.css
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/
43 KB
44 KB
Stylesheet
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6724e38007436710587a98ff1d0770af52efe3e4b82c838e39d511496e3c131d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:24 GMT
Last-Modified
Mon, 13 Nov 2023 15:43:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DBE45F425AECFE
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
682e1823-f01e-007e-395c-74d716000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
44443
logo-blue3-bvf.svg
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/
5 KB
5 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/logo-blue3-bvf.svg?2023-05-11
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
647e51003087f71a13ff6221716b6e465588245823820bf9d2e711016dd7c7ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:24 GMT
Last-Modified
Thu, 11 May 2023 20:02:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB525AB180CB0F
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
894ffc2b-d01e-0056-275c-74b6be000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
5012
logo-ivory-bvf.svg
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/
5 KB
5 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/logo-ivory-bvf.svg?2023-05-11
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
333af1d34af14bb57d27dd04b5847297a2af0dce4684a26cbe63b591423723ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:24 GMT
Last-Modified
Thu, 11 May 2023 20:02:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB525AB1AF0026
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
b2515a10-501e-003a-645c-745d29000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
5012
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/
134 KB
44 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer
https://secure.joebiden.com/
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding
gzip
Via
1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 09:03:04 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
21
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Server
AmazonS3
ETag
W/"156be461dd96d02fce3792c020f7748a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
aVMsO7IuNybp_2AHIsnOmZBHO7R9zka1seqzWpExmY5fam1_mHxRuA==
_Incapsula_Resource
secure.joebiden.com/
150 KB
22 KB
Script
General
Full URL
https://secure.joebiden.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=312287985
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-93.fra56.r.cloudfront.net
Software
/
Resource Hash
d581935657353c71b239b35ab4a0be1b3fbc80644f786bfa5a6b4987658cacc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/a/3presidents?attr=112964503
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:25 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
21553
x-amz-cf-id
mHG5aksqX_QcA0HcuUrjWVN2GJ9lDGIWsYV4khxvplU6lYsrsgBulA==
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
120 KB
47 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 09:03:25 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
2+CVLpI/+n4/WqDrTExBWA==
age
991
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.17.min.js
content-length
48042
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 19:25:27 GMT
server
ECAcc (frc/4CFD)
x-ms-meta-aijssdkver
2.8.17
etag
0x8DC2D92B347C0C9
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6855ab30-001e-0032-7459-74ef9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Tue, 12 Mar 2024 09:33:25 GMT
decimal-bold.woff2
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/
56 KB
57 KB
Font
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/decimal-bold.woff2
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35287a6df42a43770f6a53e08836b5d9bccf73fa4210c92d1b7776fb26f1d13c

Request headers

Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:25 GMT
Last-Modified
Mon, 24 Apr 2023 02:16:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB4469E9C60781
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
x-ms-request-id
80f5bc74-b01e-0050-795c-748501000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
57669
decimal-book.woff2
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/
55 KB
55 KB
Font
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/decimal-book.woff2
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9819c54e8c89cb3896396ce4045d5546d89ce8434ed536514044ac7fbfb6169f

Request headers

Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:24 GMT
Last-Modified
Mon, 24 Apr 2023 02:16:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB4469EC8D4B77
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
x-ms-request-id
1eee477e-801e-0064-3d5c-74b6c9000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
56161
decimal-semibold.woff2
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/
51 KB
52 KB
Font
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/decimal-semibold.woff2
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b22f3d5a161a2ef9306b976c3d1d23780eb12f34118b330ef99c8ca27c9d948

Request headers

Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:24 GMT
Last-Modified
Mon, 24 Apr 2023 02:16:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB4469F25292D4
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
x-ms-request-id
288028d2-201e-007d-395c-743672000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
52209
_Incapsula_Resource
secure.joebiden.com/
1 B
528 B
Image
General
Full URL
https://secure.joebiden.com/_Incapsula_Resource?SWKMTFSR=1&e=0.05114885806079261
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-93.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/a/3presidents?attr=112964503
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:25 GMT
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/plain
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
x-amz-cf-id
owHOdAQOrr1rAetx0uFIMpTXa9DOTVhioJBtg7fghD1MR1oNNS4pyA==
extra.min.css
static.everyaction.com/ea-actiontag/
78 KB
14 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63a66e1b3bb126e774cd303a9e80cc8615c66c6056fad6b8e303984772460b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 05:09:00 GMT
content-encoding
gzip
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
14066
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14162
last-modified
Tue, 05 Mar 2024 15:40:47 GMT
server
AmazonS3
etag
"65083c7a2444ef6ebb83a6283c170621"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
XgRSWQBq1OJ7xCp4DdojJqyZ3WqHDl92bll2oz2RIdJdX-ps5bvnrg==
identity
profile.ngpvan.com/
72 B
1 KB
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
14551ca1e0d08a7ea27208b3da5d44c584d2acdc354eae8aeefdcdaf1244fa93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"48-75PktI29ln8kGv2kyLHb7YOs3xQ"
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
3-48406709-48406711 NNNN CT(92 198 0) RT(1710234204472 9) q(0 0 3 1) r(4 4) U24
x-incap-sess-cookie-hdr
qwuoG75OAXMvml521fhpA1wa8GUAAAAASSsUyoFb/bnkHhJx4PITXw==
content-length
190
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vBBQG7QSB0KAexdWzBv2Bw2
secure.ngpvan.com/v1/Forms/
15 KB
6 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/vBBQG7QSB0KAexdWzBv2Bw2?attr=112964503
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3b502e2aaf8567bcd41b22a11adb35e054978d7d112cfff854e8701b9ebc04a2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.joebiden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo
3-48406709-48406715 NNNN CT(92 198 0) RT(1710234204472 14) q(0 0 3 1) r(5 5) U18
content-length
4959
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.joebiden.com
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
GhT5Jci4Jwoyml521fhpA1wa8GUAAAAAfYMELik0L6jRchcQNpsA0Q==
nvtag
profile.ngpvan.com/v2/data/0nMW8g5dOpckpmVG791lkEIc/
2 B
831 B
XHR
General
Full URL
https://profile.ngpvan.com/v2/data/0nMW8g5dOpckpmVG791lkEIc/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.joebiden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:25 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.joebiden.com
x-iinfo
14-102736820-102736822 NNNN CT(92 213 0) RT(1710234204896 7) q(0 0 3 -1) r(4 4) U24
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
pIchXJCgOH4vml521fhpA10a8GUAAAAAkpKLz+Q42KFfHrzQGyrhAA==
content-length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
identity
fastaction.ngpvan.com/api/v2/
136 B
793 B
XHR
General
Full URL
https://fastaction.ngpvan.com/api/v2/identity
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
a8833a7949af0f90b81741db0b4ba911bd390847f36414bb66ab52269fb3a727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.joebiden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
x-cdn
Imperva
x-powered-by
Express, ASP.NET
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
3-48406709-48406767 NNNY CT(92 195 0) RT(1710234204472 472) q(0 0 0 0) r(0 4) U4
content-length
251
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
server
Microsoft-IIS/10.0
etag
W/"88-1ftmlvioXnkPNxMn1lheaoD63JA"
vary
Accept-Encoding,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.joebiden.com
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
B+dZYIpgGxL1m1521fhpA10a8GUAAAAA5mjVReiIL628c9m0NGW1bA==
index.html
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9449
158 KB
51 KB
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer
https://secure.joebiden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
19
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 12 Mar 2024 09:03:12 GMT
ETag
W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified
Thu, 16 Mar 2023 10:29:57 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront), 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
oAAKJBRmnnlxzGpVYv0QtAV2VNoL1Sl5cNB1COsMJaRmuAYimWTZ9A==
X-Amz-Cf-Pop
FRA56-P12 FRA60-P8
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
x-amz-version-id
D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
decimal-semibold-italic.woff2
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/
52 KB
53 KB
Font
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/decimal-semibold-italic.woff2
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
43c3959e53285e8858ec531d555603919a9a56f2d0ff065bab2bef7ea85ee506

Request headers

Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:25 GMT
Last-Modified
Mon, 24 Apr 2023 02:16:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB4469F13BA61A
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
x-ms-request-id
28802954-201e-007d-2e5c-743672000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
53677
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml
decimal-medium.woff2
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/
56 KB
57 KB
Font
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/decimal-medium.woff2
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c695ffee6923c7729d8c38205a5388df4d32a226e2d33da6851e74e7225cbf3c

Request headers

Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:25 GMT
Last-Modified
Mon, 24 Apr 2023 02:16:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB4469F07BF479
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
x-ms-request-id
80f5bcef-b01e-0050-6d5c-748501000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
57365
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/
147 KB
148 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:03:25 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
45677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150472
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-24bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMVDrvE0OovjuKOfEMScEYt1heTFw91uL0AUSx7raUYcoszhXIIZUaeV3HWrIh3gJDn6nn2erx%2Bfzp%2Bg8BaGncoZj%2FjDy1K75G6QiIp1RikhUkGSzrJK5Om%2BB0gJw79N8y2SeHpn6d7cZLBbMkLk8%2Bi5"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86329c699fdf5d8c-FRA
expires
Sun, 02 Mar 2025 09:03:25 GMT
decimal-book-italic.woff2
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/
57 KB
57 KB
Font
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/fonts/decimal-book-italic.woff2
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
10ea83997b0c79a1e83bb5d8af4f25c154650a46fe766e2575a00a102f89c5cc

Request headers

Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Origin
https://secure.joebiden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:25 GMT
Last-Modified
Mon, 24 Apr 2023 02:16:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB4469EB354082
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
x-ms-request-id
1eee4823-801e-0064-4f5c-74b6c9000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
58101
check-mark.svg
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/
425 B
996 B
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/check-mark.svg
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee6268add264bfddc03a317f89550c9fcc88acf2aa3f822e5b140ca3c7eca57b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/themes/theme-styles.css?2023-11-13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:25 GMT
Last-Modified
Mon, 24 Apr 2023 02:22:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB446ABC262B29
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
682e1ae3-f01e-007e-425c-74d716000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
425
Updated%203.28%20Seating%20Map.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/
139 KB
139 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/NGP/NGP65/1/103337/images/Updated%203.28%20Seating%20Map.png
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c6594e0e114aa9c11cf9e8a1d8ace6ee11d8734424ce12f0a5a75088f85c8949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Mar 2024 09:03:25 GMT
Last-Modified
Wed, 06 Mar 2024 23:47:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC3E37CD3AB59D
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
b2515c53-501e-003a-045c-745d29000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
142248
vBBQG7QSB0KAexdWzBv2Bw2
secure.ngpvan.com/v1/Track/
0
189 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/vBBQG7QSB0KAexdWzBv2Bw2?attr=112964503&formSessionId=9d4fd200-57c1-464e-9238-101604cc95df&bName=chrome&dType=desktop&formVersion=3/12/2024%2012:11:31%20AM|11/14/2023%208:13:15%20PM&fUrl=aHR0cHM6Ly9zZWN1cmUuam9lYmlkZW4uY29tL2EvM3ByZXNpZGVudHM%2FYXR0cj0xMTI5NjQ1MDM%3D&fRef=
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Tue, 12 Mar 2024 09:03:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
3-48406709-48406715 PNNN RT(1710234204472 487) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
x-incap-sess-cookie-hdr
v5FMTfENYjYyml521fhpA10a8GUAAAAAmPRM7VFt/ZbeFm/cPyo/6w==
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/
9 KB
9 KB
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by
Host: secure.joebiden.com
URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.joebiden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 04:59:55 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
26015
x-cache
Hit from cloudfront
content-length
9203
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
9EGKZwWKgc4Xudkd3GGHSogHlRwVZmTPQ4rEa7RuxeYLLlBPdwc4Xw==
index.html
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame C1CD
158 KB
51 KB
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer
https://secure.joebiden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
19
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 12 Mar 2024 09:03:12 GMT
ETag
W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified
Thu, 16 Mar 2023 10:29:57 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront), 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
X-Amz-Cf-Id
mMWerEYgY6rsTL8WGUhqNaW-G9p-m349LY3i-ryZ8A5IDmtMQ84BDQ==
X-Amz-Cf-Pop
FRA56-P12 FRA60-P8
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
x-amz-version-id
D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
index.html
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 85AD
158 KB
51 KB
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer
https://secure.joebiden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
19
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 12 Mar 2024 09:03:12 GMT
ETag
W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified
Thu, 16 Mar 2023 10:29:57 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront), 1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8dlAZrRq44GaJp7SAbCc9w2JimrzKhDob6XB0TsvGLaRbwwOw8qfvQ==
X-Amz-Cf-Pop
FRA56-P12 FRA60-P8
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
x-amz-version-id
D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
application.909e2f5f9100accd006e.modern.js
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame C1CD
331 KB
107 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin
https://js.verygoodvault.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding
gzip
Via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 09:03:27 GMT
X-Amz-Cf-Pop
FRA60-P8
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:57 GMT
Server
AmazonS3
ETag
W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
pv6zUyPRn7lAW09hCe91kJgKHAP9YoEJiMeUt4AyJ9PQ8dFGuZeNjQ==
application.909e2f5f9100accd006e.modern.js
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 85AD
331 KB
107 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin
https://js.verygoodvault.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding
gzip
Via
1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 09:03:27 GMT
X-Amz-Cf-Pop
FRA60-P8
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:57 GMT
Server
AmazonS3
ETag
W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
COv_0vX7a22yb7Zb7PZzt7QMbziwuSV9AJY6iZ_wy1R3U_Elz3DUPw==
application.909e2f5f9100accd006e.modern.js
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9449
331 KB
107 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin
https://js.verygoodvault.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding
gzip
Via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 09:03:27 GMT
X-Amz-Cf-Pop
FRA60-P8
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:57 GMT
Server
AmazonS3
ETag
W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
hOYTR6-zd0jdo0FKBbO1gDPq72eWW4UtxSG0m0iPwg9BOXo-Ooljrg==
truncated
/ Frame C1CD
557 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml
visa.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
1 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/visa.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Content-Encoding
gzip
Via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 04:01:48 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
18165
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
8zGq7fTDkGDL6W7X0cZTc5X6dY1t9HsBmm25-Zo4uFGD_928vkMTTg==
visa-electron.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
2 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Content-Encoding
gzip
Via
1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 05:44:33 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
11934
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"c962f159de73e843c20331630bc3cd07"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
ZvRKctOLjz7YrYqzIOBB1a4RiqUaKtTc-pBhQ7ywsC2ObeoIqjSc2g==
amex.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
1 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/amex.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Content-Encoding
gzip
Via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 01:33:43 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
26988
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"d76aac2504772a3c74494f11fd18d87f"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
vXsA-2o8pFBOQZOrmM2XAS0eal_MoOweIpRwUGQhP4SLhuvcxPDFAw==
maestro.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
4 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/maestro.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Content-Encoding
gzip
Via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 02:37:14 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
23173
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
LoMCMC-roeGtpYZbLWS4jf1Yvcr-wsr_vH75RRRSdiMGEUMa8flLrA==
mastercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
1 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/mastercard.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Content-Encoding
gzip
Via
1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 04:46:27 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
15439
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"8baef8cd0813bb42fe4bd99adf195035"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
E3qW1o_zB0x9kQlqQ-0U49UQpFMR4lJW6SGC6J5sQJEkAIFRub96lQ==
unionpay.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
5 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/unionpay.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Content-Encoding
gzip
Via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 04:13:05 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
17422
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"01249c1708efa3c5c18a35778f20207b"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
KW1oiYlgTGYIenujs-HmwFmk-TlT3MpKV2Ri7kWiYpf_K-YiJVVuaQ==
meeza.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
7 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/meeza.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Content-Encoding
gzip
Via
1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 07:38:22 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
5245
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
gEzLMtweKA5GSDT2qnzuwzZSoVZGhqGtryH3WWo1LpzE5mrtcAb_lA==
jcb.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
2 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/jcb.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Content-Encoding
gzip
Via
1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 04:42:46 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
15645
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
q2Y7owzWTzGJtrwLdLlNBL5lybkUFGcJCbkkZpdMkjCePfrbRfqvvQ==
hipercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
3 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/hipercard.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Content-Encoding
gzip
Via
1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 05:15:34 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
13673
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"39424aebb87e84c688d70ebf51e5cec6"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
uuA9-rjaI0XtXoM1Wmxfav2Li0tnkNJ6gtL98Hv33qfTVLCKyqExmQ==
forbrugsforeningen.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
2 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Content-Encoding
gzip
Via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 03:59:36 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
18271
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"0e30901c80583be81a54ad19e75340a7"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
G8ZsFWe0t7CF3oCwPT8VFqki9pULTGFEgcz6guHX9ZnAZ-p7ez8c6w==
elo.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
2 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/elo.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Content-Encoding
gzip
Via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 03:59:36 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
18271
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"2819c6f92cfc42b73058a840aba885a7"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
8QKBWSTIyUusaOdWPKXE5I_SXdXrhJjd29_eak3kfEVgTZ2kAETVEA==
discover.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
2 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/discover.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Content-Encoding
gzip
Via
1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 04:58:35 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
14692
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
phK-bmtIG7O81VyoCJnTkOTMJgHisrqam-QQ8RlCwBUZGxmLGBRCfQ==
diners-club.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
1 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/diners-club.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Content-Encoding
gzip
Via
1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 05:06:15 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
14237
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
3sOlUsQtOuQRwCo3o54CUNERsOOmXvVO6LOkIgcPUwfmeh82BQfVuA==
dankort.svg
js.verygoodvault.com/vgs-collect/icons/ Frame C1CD
0
1 KB
Other
General
Full URL
https://js.verygoodvault.com/vgs-collect/icons/dankort.svg
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Content-Encoding
gzip
Via
1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront)
Date
Tue, 12 Mar 2024 03:19:01 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
20738
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 Feb 2021 23:07:16 GMT
Server
AmazonS3
ETag
W/"5a58f174478046c4d7105db80bb660f0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
TfiiRGEjcM1aAFoj8xpAh7zfnBWce2GZ5fgXqGd5qqfKrM0-T9MpMg==
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.joebiden.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 12 Mar 2024 09:03:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f2bb4dee376206d9d121ca5f5d956e7953a0b7f7380095c59c367ef8a87b7178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.joebiden.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 12 Mar 2024 09:03:26 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
vgs
vgs-collect-keeper.apps.verygood.systems/ Frame 9449
0
111 B
XHR
General
Full URL
https://vgs-collect-keeper.apps.verygood.systems/vgs
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.245.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-245-171.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.verygoodvault.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.verygoodvault.com
date
Tue, 12 Mar 2024 09:03:27 GMT
x-powered-by
Express
content-length
0
vary
Origin

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| myPostRender object| nvtag_callbacks function| cookieSettingsAcceptCookiesAi string| appInsightsSDK object| appInsights function| handleScriptLoadError object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| nvtag object| Backbone object| dataLayer object| _gaq function| _jqjsp object| Microsoft object| __dynProto$Gbl object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| formview

8 Cookies

Domain/Path Name / Value
secure.joebiden.com/ Name: SessionKeyCookie
Value:
secure.joebiden.com/ Name: ___utmvc
Value: UDqaPG1rqqtu/u+pQJFceM68oBMZT+KLJ7QoXHzW6Oti44nfim1ylzU6WpyWa2gmsYjErvDhU3ZPwvdotwx0GomA3S0arIxO2EaZx5s9s9y46Tlr31DL+Y7w+yrFkxlsgBXe0xcbLVuxt7fvyVLmyVsscopl2Nv23Kv0grR0ICZZV+QwLklyohGBcLe8KZ5Zhmov4YYVo3qYT3NUTksgVDfHG3K3BZfIwsPonp/Cc/SqNlHi8TUA2WR6b3zsB3NQcnSmBOXIJy781YJOtWyCQrblnbUpVWwjnKSVUr30RN0X4Uqov4Oc1sh7NWGBry2MPDip44ol5NoZ86qx7QrmWNuY70gTJTjaKCT4Ttp41Wu5PrqoF4N2cMHqbyBhSM1w9NfsQioZheI/aecbb/tqq+LlIr+5w4mst2+mJcg6p/pXMNTzYKpVm1zXnCxnSRh0dj4/yHF7MSBYl6wx8QO9hcNP4ksWWc2hh1/wdNgLABAFKnyffJ6qJ11Re9+A4X0GtJO4JXCM3HI4b35AUZAxqjuNJOsvDYLvCfVcCzr+T0LCrJm2a7cpebs6urfQSfFyZaBSH0FmUfhaR6IXvUNKtUdebqrJZHszVHv770mBk9b79iDbAv5rdbRNmYqBj/FAp0vbUmrsS6qjTZ+fbn3at+LykroYKdBZmRJr/qqjtbKha2DZy6ff3EFbL0zcAIj7RdmBhM5WrmlbAf6r8T4nap1V/SkEcdIHD5Orn7/nzVSA7jNVa0wbQdt3AVdOEkZ1m0m3Hdwp6NPdbizTMtkmenkv0UuKrQwWPgSvCeVw0WXesuxrMOgzsspe0YyiiVC3UqjxitgE+4DdBM/T6ri+Yk6GEgvT6Lwkk4mTDejN7OdGGWpvNJlZNI2v/mN0v4SHqUtPItiOPyDNahk9NtP67Nqgrw7gtG1cMwPR9eGFVXpL3MLjOjXRKZrvrR9Bu/nky2Epcbbc4/g4fefTI6Z56TusO2yn7xvUsDP792TcSNzikeoDxvormTFUIS52waUt44it4gvBO8FuU7jwnjkq0e1pjfBI82NIb03dYBeSTN80JrjJowEjPTf2yViUmfOC+bGuie4iXe29SIHnCrQ8dMbHvtLkgmmQxHYCcVPAfS3Na4nl7u3ud3e+wjTfFV5I7WCguTdutXykY/ZQr4GMTqUWlvJU7cyCodSH7w+iPGyyT0pRbpO/8avnfETludFbZtqWjyF0nV/S3GISZr4CpaSkpPwO3VB1geiA/MnFf4UmzhGzLUKKLwJQEauVk8oQ+jFIEATd4QTQyLLsKjpAxHaIrscq3KuQLf/M5qNEJKuujq1W2jtpxULXw48SHPc63Xa/rKK4U5M8x9Ciw3k3VJEJPFLxHON+Z38MTI7FeIwJcwsgeuoOeOVQu+4h/+8qChqpdNd36g6VrwiFGg1daRlnkv0EQz9ZhOAIBbHkr06kuxyN1f4dJPRM1+/dfSHHry9JvnuLinWXS2+4p12F93HYBShKbVSQMVEAGbJ411K0iGGaZWB30Z9lA2gajUVQ5bTsr+qzPbs6Es2OrMnJ9xLl67LjJj79LUr+9z00kluTygXl8lQe64dHPn8peDcKsSdOcpv9iTkZU8rpgLDcdw/x37TeTMK2yc4LId8+KHr6fQKSkqWinmo0nAW57m26Y7zmYd+DaO3iIW5zBPfHrKol/UGGbeeq/pc/DukCY0ZvNlHi28jojZ0O2/irHbwXw2W63yFmQDv4T95Bia+4/GK/k10pPJRoYp+ulGw2B9Y5D32narVN4JK7MmcYb6niNN4Nlcn9prv/h7kYeVJFsW0Wf7pgnabReFbtHvpNDPRlbS7q5zVaDwDZd870tqQ+jXEXypbYJi4+Qv9qQn6//mbqZJJBz7Vz31Wc+8VdK2PccA8+mG6XIHj932g6oW4U2LV00N/yiuTayZWGguYdd/+YNKnqDe4yro/Zu332t6/fT3U3TlD99ZUGVho13zInj4UeSw96rXvQWz8pnWg7JvYUcurMCoXrMDuG8N0ipoYeBKvLEVKZ0/s31LTYotRtKvx7cCwG8HldYPERbyHUOT9XS++M+/7/Lwmt1xszCEAQILWuSZFX1z3T/7Cv5SO7BckWzmJLto3NRbv6kt1tFqdWhKqJDrilTqvq8QM+S5b99zpfMBYEHeUnNzgY2Aykt30dZ5BVj5lAvoPsfIwC1HozV582pfkznvwVqN58y36tyONgGxBy7JbZHSpCadWaXNzYlvt733Vg1NebrYoOHt1XGdpkzbb96BO2BENtkk3YE5egntXlPEKStbCTSmvIWuplwCJpe3zcs872OvxiD1a7u/RcA0WuGcdHX5yMLtrtaQwj2+kUzY9RCC9CzV1VGQESrNK1AFH3WqWSzTQKzV56a1n+1K2DZge2/4g3RbJ0wcLnPvZprhH1OBNxQzWwxBe8k1w9xSRBfjAgqVcNRKDMR76FoixkZarMs4kp7Q6xQRWWMcacQhyE1n0sWu/Inn4L+djgxaWgsJK6JWqDs+pehHcLHbWM7CSJuBSvoja/iyUjepkqy81093yzerKwGLzgfDpBzd70vpUhH00fScmDJ1tAre5MQ0OCLjzzuR8TYwcPc4bwOCfszMS+nieDREqDntWo7hNnJW9ir9NaEzx9yF/YpRQy6NzH35bFGhe34reoiKr9WWA7PmbHJol4/KvzFYw4PhZf1n0YM3KAFXDv2LpNAR1c1O/mkH+PwRNr5kBm+EKxHru0rRP5QeUtmS2WIHWclLjLBEHsztkANXf1cBs63WFRvvgX6kpEjfwvAiLrs0rP3s+SiHqSxZ8UlR1RLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
secure.joebiden.com/ Name: ai_user
Value: G7YoP3a0WiIZGHWJID1oEq|2024-03-12T09:03:25.170Z
secure.joebiden.com/ Name: ai_session
Value: 5eVNPh4KjVzvpeWh/A8tBx|1710234205246|1710234205246
profile.ngpvan.com/ Name: ngpvanuser
Value: 0nMW8g5dOpckpmVG791lkEIc
.ngpvan.com/ Name: visid_incap_1002065
Value: C/q5HTMLQq636G83swOpQVwa8GUAAAAAQUIPAAAAAACxzVx6LRNbbcZzFol1/i3J
.ngpvan.com/ Name: nlbi_1002065
Value: SedgELovyCZ0ktYq0IOYSwAAAAD1xjYJbyR3O9S+7n/hyY5S
.ngpvan.com/ Name: incap_ses_246_1002065
Value: Vp/vL38vbn4yml521fhpA1wa8GUAAAAAD2ILE1NOOHMLv+79EFRHBA==

10 Console Messages

Source Level URL
Text
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.joebiden.com/a/3presidents?attr=112964503
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdnjs.cloudflare.com
code.jquery.com
dc.services.visualstudio.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
secure.joebiden.com
secure.ngpvan.com
static.everyaction.com
vgs-collect-keeper.apps.verygood.systems
107.21.245.171
13.32.27.93
18.172.112.16
20.50.88.242
20.60.58.97
2600:9000:2490:8a00:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
2a04:4e42::649
45.60.33.183
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
10ea83997b0c79a1e83bb5d8af4f25c154650a46fe766e2575a00a102f89c5cc
14551ca1e0d08a7ea27208b3da5d44c584d2acdc354eae8aeefdcdaf1244fa93
19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32
333af1d34af14bb57d27dd04b5847297a2af0dce4684a26cbe63b591423723ef
35287a6df42a43770f6a53e08836b5d9bccf73fa4210c92d1b7776fb26f1d13c
3b502e2aaf8567bcd41b22a11adb35e054978d7d112cfff854e8701b9ebc04a2
43c3959e53285e8858ec531d555603919a9a56f2d0ff065bab2bef7ea85ee506
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b22f3d5a161a2ef9306b976c3d1d23780eb12f34118b330ef99c8ca27c9d948
4bedb8798259dcc4e32a7cf1c3867680d285be84c4081b4a7fe73b745202b0dc
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632
52295346176abfcc8382f06325130aeb71662a47f0f2dcc10c2c9f539e1db81b
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
63a66e1b3bb126e774cd303a9e80cc8615c66c6056fad6b8e303984772460b15
647e51003087f71a13ff6221716b6e465588245823820bf9d2e711016dd7c7ce
6724e38007436710587a98ff1d0770af52efe3e4b82c838e39d511496e3c131d
6ace7e5a67aeec033127347fe6d0e13b7ec27746fd1af2f8914efabce105451c
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186
9819c54e8c89cb3896396ce4045d5546d89ce8434ed536514044ac7fbfb6169f
a8833a7949af0f90b81741db0b4ba911bd390847f36414bb66ab52269fb3a727
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
c6594e0e114aa9c11cf9e8a1d8ace6ee11d8734424ce12f0a5a75088f85c8949
c695ffee6923c7729d8c38205a5388df4d32a226e2d33da6851e74e7225cbf3c
ce6ed04cc045150633068e3a8f54ee44a87f2e8a0da154402a1081b7f603eb1b
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d581935657353c71b239b35ab4a0be1b3fbc80644f786bfa5a6b4987658cacc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6268add264bfddc03a317f89550c9fcc88acf2aa3f822e5b140ca3c7eca57b
f2bb4dee376206d9d121ca5f5d956e7953a0b7f7380095c59c367ef8a87b7178
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e