Submitted URL: https://pb4wi.com/
Effective URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Submission: On April 11 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 countries across 10 domains to perform 21 HTTP transactions. The main IP is 45.60.31.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com. The Cisco Umbrella rank of the primary domain is 288884.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on November 7th 2023. Valid for: a year.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.237.133.81 14618 (AMAZON-AES)
1 1 23.22.5.68 14618 (AMAZON-AES)
1 10 45.60.31.183 19551 (INCAPSULA)
3 2600:9000:26f... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 45.223.137.238 19551 (INCAPSULA)
1 52.85.61.102 16509 (AMAZON-02)
1 2606:2800:11f... 15133 (EDGECAST)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.230.244.212 16509 (AMAZON-02)
2 52.179.73.38 8075 (MICROSOFT...)
21 10
Apex Domain
Subdomains
Transfer
10 ngpvan.com
secure.ngpvan.com — Cisco Umbrella Rank: 288884
profile.ngpvan.com — Cisco Umbrella Rank: 131168
fastaction.ngpvan.com — Cisco Umbrella Rank: 253744
47 KB
5 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 134173
prod.cdn.everyaction.com — Cisco Umbrella Rank: 87664
392 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 952
200 B
1 cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
10 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 5342
47 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 48752
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
1004 B
1 oneswitchboard.com
secure.oneswitchboard.com
1 KB
1 pb4wi.com
pb4wi.com
1 KB
21 10
Domain Requested by
7 secure.ngpvan.com 1 redirects secure.ngpvan.com
az416426.vo.msecnd.net
3 static.everyaction.com secure.ngpvan.com
static.everyaction.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com static.everyaction.com
az416426.vo.msecnd.net
2 prod.cdn.everyaction.com secure.ngpvan.com
1 d1aqhv4sn5kxtx.cloudfront.net secure.ngpvan.com
1 fastaction.ngpvan.com az416426.vo.msecnd.net
1 fonts.gstatic.com fonts.googleapis.com
1 az416426.vo.msecnd.net secure.ngpvan.com
1 js.verygoodvault.com secure.ngpvan.com
1 fonts.googleapis.com secure.ngpvan.com
1 secure.oneswitchboard.com 1 redirects
1 pb4wi.com 1 redirects
21 13

This site contains links to these domains. Also see Links.

Domain
barcaforwisconsin.com
fastaction.ngpvan.com
Subject Issuer Validity Valid
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-11-07 -
2024-11-06
a year crt.sh
static.everyaction.com
Amazon RSA 2048 M03
2024-04-08 -
2025-05-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-02-15 -
2024-08-13
6 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02
2023-12-19 -
2025-01-16
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-01-30 -
2025-01-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04
2024-04-10 -
2025-04-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Frame ID: 658EBF6E078306F7CEF9DA87A02186E4
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Peter Barca for Congress

Page URL History Show full URLs

  1. https://pb4wi.com/ HTTP 302
    https://secure.oneswitchboard.com/shortlinks/pb4wi.com// HTTP 302
    https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

21
Requests

95 %
HTTPS

36 %
IPv6

10
Domains

13
Subdomains

10
IPs

1
Countries

573 kB
Transfer

1585 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pb4wi.com/ HTTP 302
    https://secure.oneswitchboard.com/shortlinks/pb4wi.com// HTTP 302
    https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://secure.ngpvan.com/favicon.ico HTTP 301
  • https://secure.ngpvan.com/Content/images/favicon.ico

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2RL8PJ_bQkeh_j58seGeMw2
secure.ngpvan.com/
Redirect Chain
  • https://pb4wi.com/
  • https://secure.oneswitchboard.com/shortlinks/pb4wi.com//
  • https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
17 KB
6 KB
Document
General
Full URL
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
13303bfa8a129c9c732aa924c09b7c02e901144735e30b5c8c7b6a4b241684b2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 03:21:27 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
12-36802038-36802059 NNNN CT(27 70 0) RT(1712805687002 212) q(0 0 1 1) r(1 1) U18
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Language
en
Content-Length
0
Content-Security-Policy
script-src * 'unsafe-eval' 'unsafe-inline'; default-src * data:; worker-src * data: blob:; style-src * 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Thu, 11 Apr 2024 03:21:27 GMT
Location
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Permissions-Policy
camera=(), geolocation=(), microphone=()
Referrer-Policy
same-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712805687&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=sUpRJlqefu1J448mrWfSIbpIUX1bB0ogE3rxHHuJCUs%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1712805687&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=sUpRJlqefu1J448mrWfSIbpIUX1bB0ogE3rxHHuJCUs%3D
Server
gunicorn
Strict-Transport-Security
max-age=3600; includeSubDomains
Vary
Accept-Language, Cookie, Origin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Sb-Host
H
X-Xss-Protection
1; mode=block
at.js
static.everyaction.com/ea-actiontag/
840 KB
242 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:4a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9053f52c25b3c8ff387facb5a23d979fedcb05947ddefff86f191294eaeb8ee8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 14:35:57 GMT
content-encoding
gzip
via
1.1 a7c9fe7eb79f698774d5b4dbc632cf68.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
45933
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
247303
last-modified
Tue, 09 Apr 2024 14:35:51 GMT
server
AmazonS3
etag
"1cf3993a7f26dabc4e23d059a4c27a26"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
yLF3M-P0noHQYrQ8cBNhuqMZZeAY-F03B8QYOtfQ0MSiRdimaL5DuQ==
at.min.css
static.everyaction.com/ea-actiontag/
59 KB
12 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:4a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcf7e39e5a25b0d604709cb02c921d79fbf7ae5f8043143eaad10b4bbb5419fa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 14:35:57 GMT
content-encoding
gzip
via
1.1 df10d763492b2272b777b93e70e1f4a4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
45933
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11705
last-modified
Tue, 09 Apr 2024 14:35:51 GMT
server
AmazonS3
etag
"f9da6a033ba8c049c45268c80bd18e86"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
qczboaRnoif5yH8o_hIDh1Sq6_vAoPeIg4lR20DPypRwwAxU7EGnrg==
css2
fonts.googleapis.com/
4 KB
1004 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Apr 2024 03:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 03:21:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Apr 2024 03:21:29 GMT
blah.png
prod.cdn.everyaction.com/images/van/NGP/NGP61/1/112263/images/
34 KB
34 KB
Image
General
Full URL
https://prod.cdn.everyaction.com/images/van/NGP/NGP61/1/112263/images/blah.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.223.137.238 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d4540f9fbf56b91e05ea56b4d738a5af2a5bf4cfba635d5a144c3a7f7e8c461b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 03:21:29 GMT
Last-Modified
Mon, 08 Apr 2024 21:13:41 GMT
X-CDN
Imperva
Etag
0x8DC5810C3F3D349
Content-Type
image/png
X-Iinfo
56-38453112-38450730 2VNN RT(1712805689478 579) q(0 0 0 7) r(2 2) U20
Cache-Control
max-age=300, public
x-incap-sess-cookie-hdr
ioaXU1ssRxdOJUM3GM7TGDpXF2YAAAAAHivccGI17Kv0X/exGahMqA==
Content-Length
34329
Expires
Thu, 11 Apr 2024 03:26:29 GMT
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/
134 KB
44 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-102.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding
gzip
Via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
Date
Thu, 11 Apr 2024 03:20:50 GMT
X-Amz-Cf-Pop
EWR53-P1
Age
40
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Server
AmazonS3
ETag
W/"156be461dd96d02fce3792c020f7748a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
7exNVmpaVS_gMV0lTjy8h_X2gaseCr9uLWvlgq6dkCkdjnO8xWPhEw==
_Incapsula_Resource
secure.ngpvan.com/
147 KB
21 KB
Script
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1548675952
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fc9f70e8ca69037b98398e1ccce61bf13932b146559559a45280cde0ecc0dff5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
21301
content-type
application/javascript
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
120 KB
47 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9A8F) /
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Apr 2024 03:21:30 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
MPOa5dHQWkOQRqdkBRC0hg==
age
1554
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
content-length
48078
x-ms-lease-status
unlocked
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
server
ECAcc (mic/9A8F)
x-ms-meta-aijssdkver
2.8.18
etag
0x8DC490392FC747D
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c29734e3-601e-0070-4cbb-8b6a8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Thu, 11 Apr 2024 03:51:30 GMT
peter-barca-action-themes.jpg
prod.cdn.everyaction.com/images/van/NGP/NGP61/1/112263/images/
88 KB
89 KB
Image
General
Full URL
https://prod.cdn.everyaction.com/images/van/NGP/NGP61/1/112263/images/peter-barca-action-themes.jpg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.223.137.238 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
129e47008e3debe4ed168bd64f80bbd8f209d806d2f68a7b274ef1258f22cde4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 03:21:30 GMT
Last-Modified
Wed, 10 Apr 2024 15:25:21 GMT
X-CDN
Imperva
Etag
0x8DC59726F72AF68
Content-Type
image/jpeg
X-Iinfo
10-5561920-5557951 2VNN RT(1712805690054 282) q(0 0 0 1) r(2 2) U20
Cache-Control
max-age=300, public
x-incap-sess-cookie-hdr
grm2AoTM2TROJUM3GM7TGDpXF2YAAAAAUdj3YhgUflF1sstNh3aoqA==
Content-Length
89987
Expires
Thu, 11 Apr 2024 03:26:30 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://secure.ngpvan.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 07:47:27 GMT
x-content-type-options
nosniff
age
70443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 07:47:27 GMT
extra.min.css
static.everyaction.com/ea-actiontag/
78 KB
14 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:4a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b08632204b34c5c1683d2c24582d2d0cbd0391932a7720d0fa645b36dfe1914b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 14:35:57 GMT
content-encoding
gzip
via
1.1 df10d763492b2272b777b93e70e1f4a4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
45934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14170
last-modified
Tue, 09 Apr 2024 14:35:51 GMT
server
AmazonS3
etag
"fb74390c4d27aaa40f85f47725567845"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
9us77JNO-D4sGQY3U6Ws0ipklJ7mibw_rtIz-e4u-VnSJq7SmRdNSg==
identity
profile.ngpvan.com/
72 B
935 B
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
b808a6da0bc33ce1b1abca00b01264039831028d547604392c314519992d4790
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"48-tLtUowwOd1L+v459xkUcF81uaHg"
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
12-36802038-36802224 NNNN CT(27 68 0) RT(1712805687002 2497) q(0 1 1 0) r(2 2) U24
x-incap-sess-cookie-hdr
fgY3VwYo52TzSYYwqnfwfzlXF2YAAAAABXFo9Ox9LsbES75JJHB1rw==
content-length
193
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
2RL8PJ_bQkeh_j58seGeMw2
secure.ngpvan.com/v1/Forms/
8 KB
3 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/2RL8PJ_bQkeh_j58seGeMw2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
39cb978edd4db6f69344148bde4fac798ab71314e34fc0be6645ed8f779e91d2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent
00-b41e58a9a41a45e397fd11e5dcab503a-6c28cb92051744d8-01
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
X-Requested-With
XMLHttpRequest
Request-Id
|b41e58a9a41a45e397fd11e5dcab503a.6c28cb92051744d8
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:21:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-iinfo
12-36802038-36802059 PNNN RT(1712805687002 2597) q(0 1 1 -1) r(1 1) U18
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-length
2586
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
_Incapsula_Resource
secure.ngpvan.com/
1 B
35 B
Image
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8827660447259884
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
identity
fastaction.ngpvan.com/api/v2/
136 B
843 B
XHR
General
Full URL
https://fastaction.ngpvan.com/api/v2/identity
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
b250792734ee56f0d54aa49e53c408df49bdaf88415c1efc8b849463a7c7a465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:21:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
x-cdn
Imperva
x-powered-by
Express, ASP.NET
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
12-36802038-36802252 NNNN CT(27 64 0) RT(1712805687002 2892) q(0 0 1 0) r(2 2) U4
content-length
251
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
server
Microsoft-IIS/10.0
etag
W/"88-AQTU6soTP74GkOcmxjGCn6+1Bgs"
vary
Accept-Encoding,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.ngpvan.com
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
AA10Uylg11JOSoYwqnfwfzpXF2YAAAAAyCuDENFpMhQObRlJATjBZA==
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
2RL8PJ_bQkeh_j58seGeMw2
secure.ngpvan.com/v1/Track/
0
197 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/2RL8PJ_bQkeh_j58seGeMw2?formSessionId=ea1c0f0e-6ec4-4e9c-b2f8-4f3eb192accc&bName=chrome&dType=desktop&formVersion=4/10/2024%207:16:28%20PM|4/10/2024%205:44:38%20PM&fUrl=aHR0cHM6Ly9zZWN1cmUubmdwdmFuLmNvbS8yUkw4UEpfYlFrZWhfajU4c2VHZU13Mg%3D%3D&fRef=
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
pragma
no-cache
date
Thu, 11 Apr 2024 03:21:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
12-36802038-36802059 PNNN RT(1712805687002 2970) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
fast-action.svg
d1aqhv4sn5kxtx.cloudfront.net/actiontag/assets/images/
9 KB
10 KB
Image
General
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/assets/images/fast-action.svg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-212.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:09:33 GMT
Via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-P1
Age
36719
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9203
Last-Modified
Wed, 08 Jan 2020 18:06:29 GMT
Server
AmazonS3
ETag
"babd47dc25531a9faeadc04f1afa1910"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
DF2RJJYBBWv4Vsw4d_-llr6k3ZEnhrj0ZSR2j34G7WWyO3K2wSNnXg==
nvtag
profile.ngpvan.com/v2/data/oNtX1HJHZ52fe30aP1$hT$H$/
2 B
832 B
XHR
General
Full URL
https://profile.ngpvan.com/v2/data/oNtX1HJHZ52fe30aP1$hT$H$/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:21:31 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
14-44715345-44715433 NNNN CT(40 74 0) RT(1712805690210 421) q(0 0 1 4) r(1 1) U24
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
R4poHbh8RWXzSYYwqnfwfzpXF2YAAAAAdV2wigUlor6ZhdxWlwRzcA==
content-length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.38 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4f64a885c05496d42e554da814d208a8b83685bdc281d56f870868b5513eca88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://secure.ngpvan.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 11 Apr 2024 03:21:31 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
favicon.ico
secure.ngpvan.com/Content/images/
Redirect Chain
  • https://secure.ngpvan.com/favicon.ico
  • https://secure.ngpvan.com/Content/images/favicon.ico
15 KB
15 KB
Other
General
Full URL
https://secure.ngpvan.com/Content/images/favicon.ico
Protocol
H2
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.ngpvan.com/2RL8PJ_bQkeh_j58seGeMw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 03:21:30 GMT
last-modified
Wed, 20 Mar 2024 21:17:14 GMT
x-cdn
Imperva
etag
"06998fab7bda1:0"
content-type
image/x-icon
x-iinfo
12-36802038-0 0cNN RT(1712805687002 3920) q(0 -1 -1 -1) r(0 -1)
access-control-expose-headers
Request-Context
content-length
15086

Redirect headers

date
Thu, 11 Apr 2024 03:21:31 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
server
Microsoft-IIS/10.0
x-cdn
Imperva
content-type
text/html; charset=utf-8
location
https://secure.ngpvan.com/Content/images/favicon.ico
x-iinfo
12-36802038-36802059 PNNN RT(1712805687002 3816) q(0 0 0 -1) r(0 0) U11
content-length
175
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.38 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.ngpvan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 11 Apr 2024 03:21:31 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| cookieSettingsAcceptCookiesAi string| appInsightsSDK object| appInsights function| handleScriptLoadError object| VgForm object| SecureForm object| VGSCollect object| Microsoft object| __dynProto$Gbl function| _ object| Backbone object| CSSModal object| nvtag object| dataLayer object| _gaq function| _jqjsp object| user object| nvtag_plugins object| formview

12 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: visid_incap_1002065
Value: pHmWCgK5QFm1xkodq6cAUjdXF2YAAAAAQUIPAAAAAAAv5IXzrNrNizvvCuQLDuy1
.ngpvan.com/ Name: nlbi_1002065
Value: WEifEEPq+izmanyp0IOYSwAAAACRwWlibn2IQLZh9MYKpPwL
.ngpvan.com/ Name: incap_ses_9219_1002065
Value: SGEVSBi3pWCLSIYwqnfwfzdXF2YAAAAA3Gbjuj0iY7UwbY2UrHNR9A==
secure.ngpvan.com/ Name: ai_user
Value: ROT7LMlZEPcWJRDTZMSWd9|2024-04-11T03:21:30.179Z
.ngpvan.com/ Name: visid_incap_2233503
Value: diIfI/4eQkq6V7HBbyNw+zlXF2YAAAAAQUIPAAAAAABdeHYFY/IY9N+flclR9O1k
.ngpvan.com/ Name: nlbi_2233503
Value: qNZKJlo51D1cVIbZwSMtjAAAAADQnuL8nNoujPLY/LURLHK6
.ngpvan.com/ Name: incap_ses_9219_2233503
Value: PxTrBN0nFnbzSYYwqnfwfzlXF2YAAAAAANIBKVw5ztWvhF9uCM+noA==
profile.ngpvan.com/ Name: ngpvanuser
Value: oNtX1HJHZ52fe30aP1%24hT%24H%24
secure.ngpvan.com/ Name: ai_session
Value: A+CTBbNjJY4t5WNIfWZDxi|1712805690698|1712805690698
.ngpvan.com/ Name: visid_incap_972453
Value: 281qOnxkSw6XpDPljqaYWTlXF2YAAAAAQUIPAAAAAAB1miMGxumbLUrZBGET0vTo
.ngpvan.com/ Name: nlbi_972453
Value: +0OSWZ3sY2IFOxQ7+GeOKAAAAAAjVkL2OIBD061I3wVKj1Py
.ngpvan.com/ Name: incap_ses_9219_972453
Value: EIGIU+y3JDBOSoYwqnfwfzpXF2YAAAAA0Yu8KS0bHw94X3CN5Rsmhw==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
d1aqhv4sn5kxtx.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
pb4wi.com
prod.cdn.everyaction.com
profile.ngpvan.com
secure.ngpvan.com
secure.oneswitchboard.com
static.everyaction.com
23.22.5.68
2600:9000:26fa:4a00:3:1d53:4780:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2607:f8b0:4006:807::200a
2607:f8b0:4006:80e::2003
45.223.137.238
45.60.31.183
52.179.73.38
52.85.61.102
54.230.244.212
54.237.133.81
129e47008e3debe4ed168bd64f80bbd8f209d806d2f68a7b274ef1258f22cde4
13303bfa8a129c9c732aa924c09b7c02e901144735e30b5c8c7b6a4b241684b2
39cb978edd4db6f69344148bde4fac798ab71314e34fc0be6645ed8f779e91d2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f64a885c05496d42e554da814d208a8b83685bdc281d56f870868b5513eca88
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e
9053f52c25b3c8ff387facb5a23d979fedcb05947ddefff86f191294eaeb8ee8
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
b08632204b34c5c1683d2c24582d2d0cbd0391932a7720d0fa645b36dfe1914b
b250792734ee56f0d54aa49e53c408df49bdaf88415c1efc8b849463a7c7a465
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b808a6da0bc33ce1b1abca00b01264039831028d547604392c314519992d4790
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
d4540f9fbf56b91e05ea56b4d738a5af2a5bf4cfba635d5a144c3a7f7e8c461b
dcf7e39e5a25b0d604709cb02c921d79fbf7ae5f8043143eaad10b4bbb5419fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9f70e8ca69037b98398e1ccce61bf13932b146559559a45280cde0ecc0dff5
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc