URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Submission: On June 09 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 41 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com. The Cisco Umbrella rank of the primary domain is 59054.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 30th 2021. Valid for: a year.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
11 | 45.60.33.183 | 19551 (INCAPSULA)
8 | 2600:9000:224... | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:2800:133... | 15133 (EDGECAST)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2600:9000:21f... | 16509 (AMAZON-02)
9 | 2a00:1450:400... | 15169 (GOOGLE)
5 | 20.60.58.97 | 8075 (MICROSOFT...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 13.69.106.212 | 8075 (MICROSOFT...)
Total: 41 requests, 11 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | google-analytics.com | ssl.google-analytics.com (Cisco Umbrella Rank: 328); www.google-analytics.com (Cisco Umbrella Rank: 43) | 37 KB
10 | ngpvan.com | secure.ngpvan.com (Cisco Umbrella Rank: 59054); profile.ngpvan.com (Cisco Umbrella Rank: 53349); fastaction.ngpvan.com (Cisco Umbrella Rank: 109062) | 34 KB
9 | everyaction.com | static.everyaction.com (Cisco Umbrella Rank: 98714); secure.everyaction.com (Cisco Umbrella Rank: 53728) | 451 KB
5 | windows.net | nvlupin.blob.core.windows.net (Cisco Umbrella Rank: 46987) | 81 KB
2 | visualstudio.com | dc.services.visualstudio.com (Cisco Umbrella Rank: 673) | 283 B
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 75) | 90 KB
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 98) | 440 B
1 | verygoodvault.com | js2.verygoodvault.com (Cisco Umbrella Rank: 57642) | 24 KB
1 | msecnd.net | az416426.vo.msecnd.net (Cisco Umbrella Rank: 1557) | 42 KB
Total: 41 requests, 9 apex domains

Requests | Domain | Requested by
9 | www.google-analytics.com | www.googletagmanager.com, az416426.vo.msecnd.net, secure.ngpvan.com
8 | static.everyaction.com | secure.ngpvan.com, static.everyaction.com
7 | secure.ngpvan.com | secure.ngpvan.com, az416426.vo.msecnd.net
5 | nvlupin.blob.core.windows.net | secure.ngpvan.com
2 | dc.services.visualstudio.com | az416426.vo.msecnd.net
2 | profile.ngpvan.com | static.everyaction.com, az416426.vo.msecnd.net
2 | www.googletagmanager.com | secure.ngpvan.com, static.everyaction.com
1 | secure.everyaction.com | az416426.vo.msecnd.net
1 | stats.g.doubleclick.net | az416426.vo.msecnd.net
1 | fastaction.ngpvan.com | static.everyaction.com
1 | js2.verygoodvault.com | static.everyaction.com
1 | ssl.google-analytics.com | secure.ngpvan.com
1 | az416426.vo.msecnd.net | secure.ngpvan.com
Total: 41 requests, 13 subdomains

This site contains links to these domains.

Domain
www.mfpe.org
fastaction.ngpvan.com
www.ngpvan.com

Subject | Issuer | Validity | Valid
*.ngpvan.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-30 - 2023-01-14 | a year
static.everyaction.com | Amazon | 2022-06-08 - 2023-07-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year
*.verygoodvault.com | Amazon | 2022-02-17 - 2023-03-18 | a year
*.blob.core.windows.net | Microsoft RSA TLS CA 01 | 2022-04-26 - 2023-04-26 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.everyaction.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-04-11 - 2023-04-11 | a year
in.applicationinsights.azure.com | Microsoft RSA TLS CA 01 | 2022-05-07 - 2023-05-07 | a year

This page contains 1 frames:

Primary Page: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Frame ID: D457A16D03083473A4A5970A11C3CC89
Requests: 42 HTTP requests in this frame

Page Title

MFPE State Employee Pre-Budget Priorities Survey #2

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

41
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

760 kB
Transfer

2156 kB
Size

24
Cookies

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request jb_mvvcEhEKzngnDwxNvDA2
secure.ngpvan.com/
9 KB
4 KB
Document
General
Full URL
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
34fca39fa768250c796be4847e4c7001213ce317253ec4c9bc6f35ec4e9cf292
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Thu, 09 Jun 2022 13:02:55 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
10-76612672-76612675 NNNN CT(88 184 0) RT(1654779775705 11) q(0 0 2 0) r(4 4) U18
x-xss-protection
1; mode=block
published.css
secure.ngpvan.com/Content/css/forms/
361 B
374 B
Stylesheet
General
Full URL
https://secure.ngpvan.com/Content/css/forms/published.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
92d20b6e55111266f61347ec04f0fd23e9f1abe3138150196ce6674d8ba529ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
gzip
last-modified
Mon, 06 Jun 2022 18:56:18 GMT
x-cdn
Imperva
etag
"075ae1ad779d81:0"
content-type
text/css
x-iinfo
10-76612672-75728937 2CNN RT(1654779775705 524) q(0 0 0 -1) r(0 0)
access-control-expose-headers
Request-Context
content-length
219
at.js
static.everyaction.com/ea-actiontag/
844 KB
241 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7717cd4f93abc9de5a76ca86561929f03033a0e254ef53f7d0b92e557f14a3

Request headers

Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 17:36:58 GMT
content-encoding
gzip
age
69959
x-cache
Hit from cloudfront
content-length
245719
access-control-allow-origin
*
last-modified
Wed, 08 Jun 2022 17:36:36 GMT
server
AmazonS3
etag
"c9856a0e84e5eccb2756e98aa4a81985"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
1ej75er4CBLHZC3OzlFPLnZ49maqN7DYji_s3STpD-_jq0_TZ-UoHQ==
at.min.css
static.everyaction.com/ea-actiontag/
59 KB
12 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a52bd15d49c421b4257b9f64e360220a40f68d0f5daf2fee1994cb6302e759a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 17:36:47 GMT
content-encoding
gzip
age
69970
x-cache
Hit from cloudfront
content-length
11449
access-control-allow-origin
*
last-modified
Wed, 08 Jun 2022 17:36:36 GMT
server
AmazonS3
etag
"8172079bb4b9d3d490d88fbfcc495778"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
HnZZiR_lwqHIp5DNDGv0G3c9XGcb_5D6dFv8GL0jcG9eejCth_obxQ==
_Incapsula_Resource
secure.ngpvan.com/
138 KB
20 KB
Script
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=654728318
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2c569f4d1c2dfdbb827657938dfe0bca6056995854e2e3de97a2339c70aaef50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
19959
content-type
application/javascript
gtm.js
www.googletagmanager.com/
129 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7076cac6f32fbbfee7d513c424a64eeb04622c436eeb0238cfc24d3f2fc46f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47150
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Jun 2022 13:02:56 GMT
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
119 KB
42 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5B) /
Resource Hash
450c11968152d6120b39f80fe8de61e4284ee3f8555aa6d4f95905da97d565cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
w01n43WhWbndRd7LhVxiBA==
age
1745
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.4.min.js
content-length
42351
x-ms-lease-status
unlocked
last-modified
Wed, 08 Jun 2022 16:01:35 GMT
server
ECAcc (frc/8F5B)
x-ms-meta-aijssdkver
2.8.4
etag
0x8DA496829B6F874
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bd56d033-f01e-001c-6afd-7bba15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Thu, 09 Jun 2022 13:32:56 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5919
date
Thu, 09 Jun 2022 11:24:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 09 Jun 2022 13:24:17 GMT
_Incapsula_Resource
secure.ngpvan.com/
1 B
35 B
Image
General
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5985551819062749
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
gtm.js
www.googletagmanager.com/
121 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6c605fbf7e60ffb1413452848c69031c3b8d31eb27d6e8471c5e8f606093638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44529
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Jun 2022 13:02:56 GMT
extra.min.css
static.everyaction.com/ea-actiontag/
98 KB
17 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a07a14b1a9190f5fc794d9e7aa2c26e89d0f946e1b03e17f5e01ff1a4ce2ae47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 17:37:04 GMT
content-encoding
gzip
age
69953
x-cache
Hit from cloudfront
content-length
16785
access-control-allow-origin
*
last-modified
Wed, 08 Jun 2022 17:36:36 GMT
server
AmazonS3
etag
"3ac49f8dd9674b28be51a003db0283d9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
SwLzVnZ5aIVMzUmFrNc97pd0I5rB0--lw98rj1jv06_SjD4eBvUT5w==
identity
profile.ngpvan.com/
72 B
1 KB
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
6c5e5b070a22b1bc39eeeec1316bb5fc7164f4a1e992a208a50282900ee07b0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
10-76612672-76612830 NNNN CT(88 180 0) RT(1654779775705 852) q(0 0 3 3) r(4 4) U5
x-cdn
Imperva
content-type
text/javascript; charset=utf-8
content-length
194
etag
W/"48-0WTuSETZbD3fg186lBNKcdGOzKc"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
AC2nt8erbFu3svSWxmyTZr1b.js
js2.verygoodvault.com/vgs-collect/1/
76 KB
24 KB
Script
General
Full URL
https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a000:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 24 Apr 2020 20:22:27 GMT
Server
AmazonS3
Age
27
ETag
W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 09 Jun 2022 13:02:56 GMT
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
JDuYS8ZufUfp-EVuC5fb-cd3KP2KGcsTVLKxKla1KcZupvEvPi_yXw==
jb_mvvcEhEKzngnDwxNvDA2
secure.ngpvan.com/v1/Forms/
21 KB
7 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/jb_mvvcEhEKzngnDwxNvDA2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1da880075013fc0d3813d127fca4c4eba4954497c6a046a847dfbd495bf6e684
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Request-Id
|9edd0ba276fa466995ff1d1c71684bce.3a8824c69433483c
X-Requested-With
XMLHttpRequest
traceparent
00-9edd0ba276fa466995ff1d1c71684bce-3a8824c69433483c-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Referer
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-iinfo
10-76612672-76612675 PNNN RT(1654779775705 864) q(0 0 0 -1) r(2 2) U18
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security
max-age=31536000
vary
Origin,Accept-Encoding
content-length
6878
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
ngpvan-logo-16.png
static.everyaction.com/ea-actiontag/assets/images/
617 B
1 KB
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/ngpvan-logo-16.png
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 19 May 2022 00:51:50 GMT
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
age
1858267
x-cache
Hit from cloudfront
content-length
617
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
Pugzc4hRTudpZglQV7MuEELk968cU-csoBrlOCAJ67FS5oFcI0Ts1g==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2628
date
Thu, 09 Jun 2022 12:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 09 Jun 2022 14:19:08 GMT
identity
fastaction.ngpvan.com/api/v1/
182 B
791 B
Script
General
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1654779776821=
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
7fddd1be3d6f03f4e67ccecd8c58fd07af9674bd324f76f1b62358e67541566d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding,Accept-Encoding
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
10-76612672-76612886 NNNN CT(88 180 0) RT(1654779775705 1075) q(0 0 3 1) r(4 4) U4
x-cdn
Imperva
strict-transport-security
max-age=31536000; includeSubdomains
content-type
text/javascript; charset=utf-8
content-length
293
etag
W/"b6-x+ASlopuOg3TRNaTWxWDQgiON9w"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
static.everyaction.com/ea-actiontag/assets/fonts/
94 KB
95 KB
Font
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/fonts/glyphicons-regular.woff2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer
https://static.everyaction.com/ea-actiontag/extra.min.css
Origin
https://secure.ngpvan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 03:30:38 GMT
via
1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
age
34339
x-cache
Hit from cloudfront
content-length
96388
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"aca35251952e72d9e32d41217f0f97ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
W8QDTLjlCBTnCM9kSBX3ry9cYh2LuHvvT6rs-EhodoFBu1EHry81cA==
intl-tel.input.utils.js
static.everyaction.com/ea-actiontag/assets/js/
245 KB
55 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 00:31:20 GMT
content-encoding
gzip
age
4192297
x-cache
Hit from cloudfront
content-length
56004
access-control-allow-origin
*
last-modified
Tue, 12 Apr 2022 14:33:00 GMT
server
AmazonS3
etag
"4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
YWPtoCwJSXk5aLnbLNSQU-85--_r9SW3FW87C2GwvJQxtsx6oLQXew==
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
static.everyaction.com/ea-actiontag/assets/images/
20 KB
20 KB
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/flags.png
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:01:05 GMT
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
age
3405712
x-cache
Hit from cloudfront
content-length
20389
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
BQk42Vo4AI-nNaw2ioDSqt2S3t6cachJo6IMV9-qkVh8i-wYs-7enA==
2022%20PBN%20Raise%20Type.png
nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/
14 KB
14 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/2022%20PBN%20Raise%20Type.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
07b72cdaf7705e1ddffbb3cb0f419220fcbd53357f84bb7e1a69b2cacda0f310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 09 Jun 2022 13:02:56 GMT
Last-Modified
Thu, 05 May 2022 18:07:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DA2EC2129B46D5
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
aa8cd5c3-b01e-007f-3d01-7c88ca000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
13833
2022%20PBN%20Locality%20Pay.png
nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/
11 KB
12 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/2022%20PBN%20Locality%20Pay.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d9fa995211a92f7466735bf5581e970c7199f3d90656abe32c2c2426e036df3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 09 Jun 2022 13:02:56 GMT
Last-Modified
Thu, 05 May 2022 18:07:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DA2EC211EF8FBC
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
41f9fc48-001e-0008-7601-7c5d5e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
11696
2022%20PBN%20Telework.png
nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/
11 KB
11 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/2022%20PBN%20Telework.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b8f056aae9cc425e4299db3cb8c644d9827a7107594cb8e6ad2226ae7d99b7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 09 Jun 2022 13:02:56 GMT
Last-Modified
Thu, 05 May 2022 18:07:10 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DA2EC21353A649
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
e43f31f2-801e-0039-0501-7cbc4d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
10941
2022%20PBN%20Caregiver%20Leave.png
nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/
18 KB
18 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/2022%20PBN%20Caregiver%20Leave.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e79adb1ae3d535afcba7e590308ed945ffed14b5198efd6d163d600a8e790bea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 09 Jun 2022 13:02:56 GMT
Last-Modified
Thu, 05 May 2022 18:07:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DA2EC210A6C555
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
ac1f8910-b01e-0050-6e01-7c8501000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
18254
2022%20PBN%20Employer%20Contribution.png
nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/
25 KB
25 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/AV/AVNMW/1/25123/images/2022%20PBN%20Employer%20Contribution.png
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2c5a5f92d9cf1bb0489e6034b9d292afe73863ab26fe5193039fe79b9c47dd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 09 Jun 2022 13:02:56 GMT
Last-Modified
Thu, 05 May 2022 18:07:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DA2EC211478192
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
b06d10b7-a01e-0063-2e01-7cdaaa000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
25284
jb_mvvcEhEKzngnDwxNvDA2
secure.ngpvan.com/v1/Track/
0
144 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/jb_mvvcEhEKzngnDwxNvDA2?formSessionId=880dd575-bc41-4a53-b57c-da85762967b0&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9zZWN1cmUubmdwdmFuLmNvbS9qYl9tdnZjRWhFS3puZ25Ed3hOdkRBMg%3D%3D&fRef=
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 13:02:56 GMT
x-content-type-options
nosniff
expires
-1
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
10-76612672-76612675 PNNN RT(1654779775705 1104) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/
9 KB
9 KB
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 06:42:28 GMT
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
age
22829
x-cache
Hit from cloudfront
content-length
9203
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
qYPlqFjkUfd4aTH_eOoIgmfxsOIYUimRdbdrkBJ7i1HwiPI0dSN3yQ==
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1512955242&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=177&_u=YEBAAEABAAAAAC~&jid=1064785981&gjid=1930565676&cid=507015794.1654779777&tid=UA-28243511-22&_gid=1904130289.1654779777&_r=1&gtm=2wg6605L2FSL&z=629180199
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 13:02:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=507015794.1654779777&jid=522895550&gjid=1134088554&_gid=1904130289.1654779777&_u=YGDAgEABAAAAAG~&z=1227691051
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Jun 2022 13:02:57 GMT
content-type
text/plain
access-control-allow-origin
https://secure.ngpvan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=522895550&gjid=1134088554&cid=507015794.1654779777&tid=UA-28243511-23&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FAV%2FAVNMW%2F1%2F25123&cd3=5043727&cd5=2022%20PBN%20Survey%20%232&cd6=jb_mvvcEhEKzngnDwxNvDA2&z=464698652
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PetitionForm&ea=Form%20Load&el=Minimal&ev=27&_u=YGDAgEABAAAAAG~&jid=&gjid=&cid=507015794.1654779777&tid=UA-28243511-23&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FAV%2FAVNMW%2F1%2F25123&cd3=5043727&cd5=2022%20PBN%20Survey%20%232&cd6=jb_mvvcEhEKzngnDwxNvDA2&z=1484588635
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=8&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=507015794.1654779777&tid=UA-28243511-22&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&z=1219384069
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=43&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=507015794.1654779777&tid=UA-28243511-22&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&z=1902217614
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=8&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=507015794.1654779777&tid=UA-28243511-22&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&z=1056531315
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=241&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=507015794.1654779777&tid=UA-28243511-22&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&z=1419145727
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1512955242&t=timing&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2Fjb_mvvcEhEKzngnDwxNvDA2&ul=en-us&de=UTF-8&dt=MFPE%20State%20Employee%20Pre-Budget%20Priorities%20Survey%20%232&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=279&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=507015794.1654779777&tid=UA-28243511-22&_gid=1904130289.1654779777&gtm=2wg6605L2FSL&z=1650887726
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 00:33:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
nvtag
profile.ngpvan.com/v2/data/L_IVWzsZPqRbmtzCsK2$rcJV/
2 B
953 B
XHR
General
Full URL
https://profile.ngpvan.com/v2/data/L_IVWzsZPqRbmtzCsK2$rcJV/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:57 GMT
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
10-76612928-76612830 PNNN RT(1654779776945 127) q(0 0 0 -1) r(1 1) U5
access-control-allow-credentials
true
content-length
123
x-cdn
Imperva
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
L_IVWzsZPqRbmtzCsK2$rcJV
secure.everyaction.com/Databag/Profile/
0
1022 B
XHR
General
Full URL
https://secure.everyaction.com/Databag/Profile/L_IVWzsZPqRbmtzCsK2$rcJV
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
x-content-type-options
nosniff
x-cdn
Imperva
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
10-76612980-76612982 NNNN CT(89 179 0) RT(1654779777236 10) q(0 0 3 1) r(5 5) U11
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
L_IVWzsZPqRbmtzCsK2$rcJV
secure.ngpvan.com/Databag/Profile/
0
207 B
XHR
General
Full URL
https://secure.ngpvan.com/Databag/Profile/L_IVWzsZPqRbmtzCsK2$rcJV
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/jb_mvvcEhEKzngnDwxNvDA2
Request-Id
|9edd0ba276fa466995ff1d1c71684bce.8e79979d7b6742ca
traceparent
00-9edd0ba276fa466995ff1d1c71684bce-8e79979d7b6742ca-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 13:02:56 GMT
x-content-type-options
nosniff
x-cdn
Imperva
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
x-iinfo
10-76612672-76612675 PNNN RT(1654779775705 1479) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers
Request-Context
cache-control
private
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.ngpvan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Thu, 09 Jun 2022 13:02:57 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
98 B
283 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe1f3318c29bad1a8b03f348b5e0749aedb2583c7d5c17d98b7b00b8b696216f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
A37489F7-23D9-410F-AFC3-9EB98B816771
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Thu, 09 Jun 2022 13:02:57 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
98

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| handleScriptLoadError object| dataLayer boolean| exileHeaderAndFooter object| e function| n object| Microsoft function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| _gaq object| google_tag_manager object| Backbone object| atLayer function| _jqjsp object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| _gat number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect object| google_tag_data string| GoogleAnalyticsObject function| ga object| formview object| gaplugins object| gaGlobal object| gaData object| intlTelInputUtils

24 Cookies


Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
