urlscan.io logo urlscan.io
SecurityTrails logo

secure.ngpvan.com Open in urlscan Pro
45.60.33.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.ngpvan.com/k/61788722/401194912/1762728248?nvep=ew0KICAiVGVuAB12ABCDEFGHIJKLMNOPQjovL3Zhbi9OR1AvTkdQNTAvMS8...
Effective URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-0...
Submission: On April 15 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.ngpvan.com. The Cisco Umbrella rank of the primary domain is 68241.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on December 9th 2022. Valid for: a year.
This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 45.60.33.183 19551 (INCAPSULA)
5 2600:9000:249... 16509 (AMAZON-02)
1 20.60.58.97 8075 (MICROSOFT...)
1 18.66.147.73 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.90 8075 (MICROSOFT...)
22 7
12    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
click.ngpvan.com
secure.ngpvan.com
profile.ngpvan.com
fastaction.ngpvan.com
secure.everyaction.com
5    2600:9000:2490:1000:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.everyaction.com
1    20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
1    18.66.147.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-73.fra60.r.cloudfront.net
js.verygoodvault.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    13.69.106.90 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
11 ngpvan.com
click.ngpvan.com — Cisco Umbrella Rank: 77305
secure.ngpvan.com — Cisco Umbrella Rank: 68241
profile.ngpvan.com — Cisco Umbrella Rank: 57991
fastaction.ngpvan.com — Cisco Umbrella Rank: 100169
28 KB
6 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 81348
secure.everyaction.com — Cisco Umbrella Rank: 58481
271 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 784
280 B
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 421
17 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2105
47 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 35612
44 KB
1 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 74825
25 KB
22 7
Domain Requested by
7 secure.ngpvan.com secure.ngpvan.com
az416426.vo.msecnd.net
5 static.everyaction.com secure.ngpvan.com
static.everyaction.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com static.everyaction.com
az416426.vo.msecnd.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com static.everyaction.com
1 ssl.google-analytics.com secure.ngpvan.com
1 az416426.vo.msecnd.net secure.ngpvan.com
1 js.verygoodvault.com secure.ngpvan.com
1 nvlupin.blob.core.windows.net secure.ngpvan.com
1 click.ngpvan.com 1 redirects
22 11

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
www.ngpvan.com
Subject Issuer Validity Valid
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-12-09 -
2023-12-08		 a year crt.sh
static.everyaction.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-07-07		 5 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 02		 2023-02-15 -
2024-02-10		 a year crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-02-16		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 06		 2023-02-04 -
2024-01-30		 a year crt.sh
*.everyaction.com
RapidSSL TLS ECC CA G1		 2023-03-17 -
2024-04-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Frame ID: DD7CD08BAA3AA96CE77D8BF317EA7DB3
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm Your Contact Information

Page URL History Show full URLs

  1. https://click.ngpvan.com/k/61788722/401194912/1762728248?nvep=ew0KICAiVGVuAB12ABCDEFGHIJKLMNOPQjovL3Z... HTTP 302
    https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650f... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

22
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

11
Subdomains

7
IPs

3
Countries

430 kB
Transfer

1435 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.ngpvan.com/k/61788722/401194912/1762728248?nvep=ew0KICAiVGVuAB12ABCDEFGHIJKLMNOPQjovL3Zhbi9OR1AvTkdQNTAvMS8xMDUwMDAiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNDY1MGZhODUtZDFkYS1lZDExLThlOGItMDAyMjQ4MzJlYjczIiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJyb2J5AB12ABCDEFGHIJKLMNOPQg0KfQ%3D%3D&hmac=4m4I4i36oXHPLVC9x4HpZDTdX-5JREkTpf5BP9YWGf4=&emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614 HTTP 302
    https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 7fW6-1Vpy0OaezC45_uLsQ2
secure.ngpvan.com/
Redirect Chain
  • https://click.ngpvan.com/k/61788722/401194912/1762728248?nvep=ew0KICAiVGVuAB12ABCDEFGHIJKLMNOPQjovL3Zhbi9OR1AvTkdQNTAvMS8xMDUwMDAiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNDY1MGZhODUtZDFkYS1lZDExLTh...
  • https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2c084f9744759256eceac1d479419fba1fcc6832c7927e92e2993606bb9737c7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Sat, 15 Apr 2023 08:19:25 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
17-313208745-313208750 NNNN CT(117 192 0) RT(1681546765273 9) q(0 0 3 0) r(5 5) U18
x-xss-protection
1; mode=block

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Length
0
Date
Sat, 15 Apr 2023 08:19:24 GMT
Expires
-1
Location
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Pragma
no-cache
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-CDN
Imperva
X-Iinfo
16-231694964-231694969 NNNN CT(86 175 0) RT(1681546764800 10) q(0 0 2 0) r(3 3) U11
X-Robots-Tag
noindex
published.css
secure.ngpvan.com/Content/css/forms/ 		361 B
347 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Content/css/forms/published.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
92d20b6e55111266f61347ec04f0fd23e9f1abe3138150196ce6674d8ba529ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:25 GMT
content-encoding
gzip
last-modified
Thu, 13 Apr 2023 21:36:28 GMT
x-cdn
Imperva
etag
"056281506ed91:0"
content-type
text/css
x-iinfo
17-313208745-0 0CNN RT(1681546765273 472) q(0 -1 -1 -1) r(0 -1)
access-control-expose-headers
Request-Context
content-length
219
at.js
static.everyaction.com/ea-actiontag/ 		824 KB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f337550b1d081967101154a600d215106f06ae8e802643039795d11f02d09c3

Request headers

Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:36:45 GMT
content-encoding
gzip
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
63761
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
237964
last-modified
Tue, 11 Apr 2023 14:36:18 GMT
server
AmazonS3
etag
"ea466559a92faf776ed3903bd076aed4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
83jW0C9iUh1G8XFaX5OP2Z5sY28X87zdxE42VmgghvMtja9gbbNO7w==
at.min.css
static.everyaction.com/ea-actiontag/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c3b929c932b9ec28d80be238794e798e5e5471e9791f5cec14dcbc7d205621e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:37:40 GMT
content-encoding
gzip
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
63743
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11529
last-modified
Tue, 11 Apr 2023 14:36:18 GMT
server
AmazonS3
etag
"78ae3c945b44818b5636695876b54892"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
F7bk4A0MkMUTOR8stmElCWBpiHZ0oBvb_ZWx_toDN-gyHcAhdGE86Q==
CustomStylesheet_bfd520112694f23eef1fe7c94360aa3ec00e3842a6adfa38d54238150f1f77f4.css
nvlupin.blob.core.windows.net/designs/ 		24 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nvlupin.blob.core.windows.net/designs/CustomStylesheet_bfd520112694f23eef1fe7c94360aa3ec00e3842a6adfa38d54238150f1f77f4.css
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d589a633d53be2660fdaff66b1bdb23120a39f3a08e6db145e3167a325f5fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Apr 2023 08:19:25 GMT
Last-Modified
Thu, 23 Mar 2023 12:44:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
t8j9iLsB8BMvbRqPbTOVxQ==
ETag
0x8DB2B9C5E5FAEC8
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
21802e0e-401e-006b-5872-6fc0a5000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=31536000
x-ms-version
2009-09-19
Content-Length
24962
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.14.0/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

Referer
https://secure.ngpvan.com/
Origin
https://secure.ngpvan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding
gzip
Via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Date
Sat, 15 Apr 2023 08:19:00 GMT
X-Amz-Cf-Pop
FRA60-P4
Age
54
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 08 Jun 2022 01:07:52 GMT
Server
AmazonS3
ETag
W/"2eb620d1b4f90db03c929f89d188cf80"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
v7euP4wKpUY3s2h4adbukuNUJCSJfS0kLtZjPDb-0V9sMXHbgqDarg==
_Incapsula_Resource
secure.ngpvan.com/ 		130 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=481220003
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f131d91e6d887474e65db8a3339eb219d4367df6ecdb17fe04e52e0fcc38b4f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
18860
content-type
application/javascript
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		118 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
7e6eb5a9a8a048fbc98c8f37e104b59fdd19a077ece48b1ed11e6d4a54f93d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 Apr 2023 08:19:25 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
unyOJ/DZA0HScX9iyq6ldA==
age
793
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.11.min.js
content-length
47346
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 18:34:46 GMT
server
ECAcc (frc/4CFD)
x-ms-meta-aijssdkver
2.8.11
etag
0x8DB2583F3E2030A
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1fb7d037-a01e-00c4-6171-6fb0c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Sat, 15 Apr 2023 08:49:25 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Apr 2023 07:33:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2775
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 15 Apr 2023 09:33:11 GMT
_Incapsula_Resource
secure.ngpvan.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9975931056368401
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
extra.min.css
static.everyaction.com/ea-actiontag/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67a9e992e97c6d3f78a3173afbdcf1006a46123b5bc2edfb80afe66a54f998d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:37:47 GMT
content-encoding
gzip
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
63744
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14230
last-modified
Tue, 11 Apr 2023 14:36:18 GMT
server
AmazonS3
etag
"3d570cab4552882a915a435cc4c7ceb7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
FZ9Qzw69MYguRkxtpl5aquzqjwDYz7AHCELFO-32mmNNIFyspNmwAQ==
identity
profile.ngpvan.com/ 		72 B
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
86ee465cf0766080629c3d63c86989a234686b56330d00d1d8af592d9e620e7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"48-okJZcTupd+6iIfJBBa3uYM1Ymyk"
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
17-313208745-313208881 NNNN CT(86 176 0) RT(1681546765273 776) q(0 0 3 0) r(4 4) U24
content-length
192
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
7fW6-1Vpy0OaezC45_uLsQ2
secure.ngpvan.com/v1/Forms/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7110adf79ef486e2567e02683db355ab025d2582323668660f77e0afb00bd521
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
X-Requested-With
XMLHttpRequest
traceparent
00-4a8b90c9bc414913b4645815a59be614-69256f92561b439a-01
Request-Id
|4a8b90c9bc414913b4645815a59be614.69256f92561b439a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-iinfo
17-313208745-313208750 PNNN RT(1681546765273 816) q(0 0 0 -1) r(2 2) U18
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-length
1405
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
ngpvan-logo-16.png
static.everyaction.com/ea-actiontag/assets/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/ngpvan-logo-16.png
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 05:16:22 GMT
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
19882985
x-cache
Hit from cloudfront
content-length
617
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jSezPsJW2c7Wq7AQdM9jAf11cMD0Y0fDLZD55EPSPDKVQlygSz14Xw==
identity
fastaction.ngpvan.com/api/v1/ 		182 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1681546766339=
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
5e4dbc08b7a72c87f3724a8d88ea42299ff88105c2e583c04b7dbde83ed6ef29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"b6-Qg9Ppxn5xOyRKzTXPdfMsdOBj7U"
x-powered-by
Express, ASP.NET
vary
Accept-Encoding,Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
17-313208745-313208940 NNNN CT(85 175 0) RT(1681546765273 1015) q(0 0 3 1) r(4 4) U4
content-length
296
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
7fW6-1Vpy0OaezC45_uLsQ2
secure.ngpvan.com/v1/Track/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/v1/Track/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614&formSessionId=5db62446-e245-4ef5-bba9-517b7732f858&bName=chrome&dType=desktop&formVersion=4/5/2023%204:02:43%20PM|&fUrl=aHR0cHM6Ly9zZWN1cmUubmdwdmFuLmNvbS83Zlc2LTFWcHkwT2FlekM0NV91THNRMj9lbWNpPWU4NzA1MzZhLWM1ZGEtZWQxMS04ZThiLTAwMjI0ODMyZWI3MyZlbWRpPTQ2NTBmYTg1LWQxZGEtZWQxMS04ZThiLTAwMjI0ODMyZWI3MyZjZWlkPTkxODE2MTQ%3D&fRef=
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Sat, 15 Apr 2023 08:19:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
17-313208745-313208750 PNNN RT(1681546765273 1031) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by
Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.ngpvan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 01:57:27 GMT
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
22920
x-cache
Hit from cloudfront
content-length
9203
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
QJKxyS3XYNdrMHYhYN716fe7X5UNn5zTe3RXkldWM4CCxcyqQrFoBg==
nvtag
profile.ngpvan.com/v2/data/5LWH4IIv9qnNFM41VfyDQwvG/ 		2 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/5LWH4IIv9qnNFM41VfyDQwvG/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:26 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
16-231695219-231695221 NNNN CT(85 88 0) RT(1681546766428 10) q(0 0 2 -1) r(3 3) U24
access-control-allow-credentials
true
content-length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.ngpvan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 15 Apr 2023 08:19:26 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
1E1480A8-7C5A-4191-A203-67731EBA9B29
strict-transport-security
max-age=31536000
date
Sat, 15 Apr 2023 08:19:26 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
5LWH4IIv9qnNFM41VfyDQwvG
secure.everyaction.com/Databag/Profile/ 		0
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/5LWH4IIv9qnNFM41VfyDQwvG
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://secure.ngpvan.com
x-iinfo
16-231695278-231695282 NNNN CT(91 180 0) RT(1681546766758 10) q(0 0 3 1) r(4 4) U11
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
5LWH4IIv9qnNFM41VfyDQwvG
secure.ngpvan.com/Databag/Profile/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/5LWH4IIv9qnNFM41VfyDQwvG
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.ngpvan.com/7fW6-1Vpy0OaezC45_uLsQ2?emci=e870536a-c5da-ed11-8e8b-00224832eb73&emdi=4650fa85-d1da-ed11-8e8b-00224832eb73&ceid=9181614
traceparent
00-4a8b90c9bc414913b4645815a59be614-f9bd84f970fe421c-01
Request-Id
|4a8b90c9bc414913b4645815a59be614.f9bd84f970fe421c
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:19:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
x-iinfo
17-313208745-313208750 PNNN RT(1681546765273 1451) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers
Request-Context
cache-control
private
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| handleScriptLoadError boolean| exileHeaderAndFooter object| e function| n object| Microsoft object| __dynProto$Gbl object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| nvtag object| _gaq object| Backbone object| dataLayer function| _jqjsp object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| _gat object| formview

20 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: visid_incap_1392936
Value: VRJKsNmJQdSrnmyGhgiCUQxeOmQAAAAAQUIPAAAAAABfjgiIlfAUhXgPmxzUJ6/n
.ngpvan.com/ Name: nlbi_1392936
Value: +VP1KMiH2TaeumdB/rqKWQAAAACV208C8ykmjXjm0pAMxqJv
.ngpvan.com/ Name: incap_ses_728_1392936
Value: +wWVG7YDdQ5jilg2aGAaCg1eOmQAAAAAXKAJNctk3IRpvNjcd7SnVA==
.ngpvan.com/ Name: visid_incap_1002065
Value: Tta93UXaS8yYZF0qa53csg1eOmQAAAAAQUIPAAAAAADsg6NWNO7ThpROsTfyjs+5
.ngpvan.com/ Name: nlbi_1002065
Value: Ow8+Ox/TpFUMaUtC0IOYSwAAAACK3F2R1h5qx2P4GeJi5U4x
.ngpvan.com/ Name: incap_ses_728_1002065
Value: Z57KPsNn/Chii1g2aGAaCg1eOmQAAAAAxL/WLw5Wlj5ub6N77OY/2Q==
secure.ngpvan.com/ Name: ai_user
Value: IiSgM/SeuydEXeKoCCaL0M|2023-04-15T08:19:25.954Z
secure.ngpvan.com/ Name: ai_session
Value: USS8yZh+wrVg8k8jHnkawB|1681546766224|1681546766224
.ngpvan.com/ Name: visid_incap_2233503
Value: LiN976ldQcSQ9pxk9cLtuw5eOmQAAAAAQUIPAAAAAACgT3NKY/bWgLI10b8VBhaW
.ngpvan.com/ Name: nlbi_2233503
Value: NrK/NS8Xl0IhX0QKvIV21QAAAAA9b1eAIQ5JK1RPBjnANFQX
.ngpvan.com/ Name: incap_ses_728_2233503
Value: IacndBSiE0P4jFg2aGAaCg5eOmQAAAAA4j8jxAq5UuB08pW2ynICSg==
profile.ngpvan.com/ Name: ngpvanuser
Value: 5LWH4IIv9qnNFM41VfyDQwvG
.ngpvan.com/ Name: visid_incap_972453
Value: KO7TSnesSIeTLAD1bn7b/Q5eOmQAAAAAQUIPAAAAAADjpdgDS165VhSERDgpWe+v
.ngpvan.com/ Name: nlbi_972453
Value: S6EBBxdSYC6Hlx/D+GeOKAAAAABoeR8MKVgVq0BOvJ6iK8kG
.ngpvan.com/ Name: incap_ses_728_972453
Value: Mn95eCek4SdWjVg2aGAaCg5eOmQAAAAAQo9jb7jSxw+Ft6HhWbkk1w==
.ngpvan.com/ Name: ProfileDatabagId
Value: 5LWH4IIv9qnNFM41VfyDQwvG
.everyaction.com/ Name: visid_incap_823975
Value: 8O1a3FRTQ1aqaXzDdesIVA5eOmQAAAAAQUIPAAAAAAAsdgD5l892UB2omHNwULc8
.everyaction.com/ Name: nlbi_823975
Value: d9n8YtKgmSOBBcrfxwoUeQAAAADnKbeWHvDY5tH0bSWK+t7Q
.everyaction.com/ Name: incap_ses_728_823975
Value: sxJwPJDndD0Kjlg2aGAaCg9eOmQAAAAAn/r6BRo+WQ4jlWLazIknWw==
.everyaction.com/ Name: ProfileDatabagId
Value: 5LWH4IIv9qnNFM41VfyDQwvG

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
click.ngpvan.com
dc.services.visualstudio.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
static.everyaction.com
13.69.106.90
18.66.147.73
20.60.58.97
2600:9000:2490:1000:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:829::2008
45.60.33.183
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2c084f9744759256eceac1d479419fba1fcc6832c7927e92e2993606bb9737c7
2d589a633d53be2660fdaff66b1bdb23120a39f3a08e6db145e3167a325f5fd1
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
3f337550b1d081967101154a600d215106f06ae8e802643039795d11f02d09c3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5e4dbc08b7a72c87f3724a8d88ea42299ff88105c2e583c04b7dbde83ed6ef29
67a9e992e97c6d3f78a3173afbdcf1006a46123b5bc2edfb80afe66a54f998d8
7110adf79ef486e2567e02683db355ab025d2582323668660f77e0afb00bd521
7e6eb5a9a8a048fbc98c8f37e104b59fdd19a077ece48b1ed11e6d4a54f93d38
86ee465cf0766080629c3d63c86989a234686b56330d00d1d8af592d9e620e7d
92d20b6e55111266f61347ec04f0fd23e9f1abe3138150196ce6674d8ba529ea
9c3b929c932b9ec28d80be238794e798e5e5471e9791f5cec14dcbc7d205621e
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff
d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f131d91e6d887474e65db8a3339eb219d4367df6ecdb17fe04e52e0fcc38b4f1