secure.ngpvan.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.ngpvan.com/k/2030035/10570651/-942590038?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDMvMS82O...
Effective URL:
https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Submission: On August 28 via manual (August 28th 2018, 10:06:10 pm UTC) from US

Summary HTTP 42 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 42 HTTP transactions. The main IP is 45.60.33.183, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is secure.ngpvan.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 8th 2018. Valid for: 3 years.

This is the only time secure.ngpvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	137.116.3.20 137.116.3.20	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	52.85.182.24 52.85.182.24	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	40.114.13.25 40.114.13.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6	52.85.182.234 52.85.182.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 6	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	52.169.64.244 52.169.64.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
42	14

13 45.60.33.183 (Redwood City, United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)

click.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.116.3.20 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.182.24 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-182-24.fra50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.85.182.234 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-182-234.fra50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (San Francisco, United States) 2 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.169.64.244 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ngpvan.com 1 redirects click.ngpvan.com secure.ngpvan.com profile.ngpvan.com fastaction.ngpvan.com	31 KB
8	cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	372 KB
7	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	32 KB
6	twitter.com 2 redirects platform.twitter.com syndication.twitter.com	36 KB
2	visualstudio.com dc.services.visualstudio.com	930 B
2	doubleclick.net stats.g.doubleclick.net	204 B
2	googletagmanager.com www.googletagmanager.com	45 KB
1	everyaction.com secure.everyaction.com	1 KB
1	facebook.com staticxx.facebook.com
1	facebook.net connect.facebook.net	70 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	windows.net nvlupin.blob.core.windows.net	25 KB
42	12

	Domain	Requested by
10	secure.ngpvan.com	secure.ngpvan.com az416426.vo.msecnd.net
8	d1aqhv4sn5kxtx.cloudfront.net	secure.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net www.googletagmanager.com www.google-analytics.com
6	www.google-analytics.com	1 redirects www.googletagmanager.com secure.ngpvan.com
4	platform.twitter.com	secure.ngpvan.com platform.twitter.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	syndication.twitter.com	2 redirects
2	stats.g.doubleclick.net	secure.ngpvan.com
2	profile.ngpvan.com	d1aqhv4sn5kxtx.cloudfront.net az416426.vo.msecnd.net
2	www.googletagmanager.com	secure.ngpvan.com d1aqhv4sn5kxtx.cloudfront.net
1	secure.everyaction.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	d1aqhv4sn5kxtx.cloudfront.net
1	staticxx.facebook.com	connect.facebook.net
1	ssl.google-analytics.com	secure.ngpvan.com
1	connect.facebook.net	secure.ngpvan.com
1	az416426.vo.msecnd.net	secure.ngpvan.com
1	nvlupin.blob.core.windows.net	secure.ngpvan.com
1	click.ngpvan.com	1 redirects
42	17

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
www.ngpvan.com

Subject Issuer	Validity	Valid
*.ngpvan.com RapidSSL RSA CA 2018	`2018-02-08` - `2021-02-07`	3 years	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 5	`2017-11-08` - `2019-11-08`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2017-11-22` - `2018-11-21`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.everyaction.com Go Daddy Secure Certificate Authority - G2	`2017-01-19` - `2019-03-20`	2 years	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 1	`2017-09-05` - `2019-09-05`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Frame ID: 6807B6FAF06E597093B0F55F54DD89EE
Requests: 40 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.caf215585d416c5a9715098967b792e1.html?origin=https%3A%2F%2Fsecure.ngpvan.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: A5810D0E6280F3232BECA5571E5643B3
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Frame ID: 83CBF0AE1BCBCE36C2E5FEEA56A613C6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: A373B72BD975FBCC918C57E05CD02306
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 56D38D26593A01967075F9D3D3D21109
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.ngpvan.com/k/2030035/10570651/-942590038?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhb... HTTP 302
https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2 Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Backbone$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Backbone$/i

Page Statistics

42
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

17
Subdomains

14
IPs

2
Countries

632 kB
Transfer

1880 kB
Size

19
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.ngpvan.com/?utm_source=act.myngp.com&utm_medium=poweredby&utm_campaign=ngpnext
Title: NGP VAN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.ngpvan.com/k/2030035/10570651/-942590038?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDMvMS82ODkzNiIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICJlMjY1ODcxNC0wYWFiLWU4MTEtYmNlNy0wMDBkM2ExMmI4MDAiLA0KICAiRW1haWxBZGRyZXNzIjogInRpbS5rYXdha2FtaUB4Y2VsZW5lcmd5LmNvbSINCn0%3D&hmac=CPeUjWfsvH4YAoUUUggVsfhfjbAmJm6tpArP7foaPx4= HTTP 302
https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 32

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=247864488&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2F-HZuQoMca0ijL_b7TZm4Ig2&ul=en-us&de=UTF-8&dt=Thank%20You%20for%20Supporting%20the%20House%20Majority%20Project&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Minimal&ev=18&_u=aGDAAEAB~&jid=1153731776&gjid=673491101&cid=483501186.1535493958&tid=UA-28243511-20&_gid=14848715.1535493958&_r=1&gtm=G865L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP03%2F1%2F68936&cd4=1000611&cd5=General%20Contribution&cd6=-HZuQoMca0ijL_b7TZm4Ig2&z=1068588467 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=483501186.1535493958&jid=1153731776&_gid=14848715.1535493958&gjid=673491101&_v=j68&z=1068588467

Request Chain 37

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

42 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set -HZuQoMca0ijL_b7TZm4Ig2 Show response
secure.ngpvan.com/
Redirect Chain

https://click.ngpvan.com/k/2030035/10570651/-942590038?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMDMvMS82ODkzNiIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICJlMjY1ODcxNC0wYWFiLWU4MTEtYmNlN...
https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

19 KB
6 KB

676ms
541ms

Document
text/html

45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

bf52bd406d9c6393253ff92c79fdd758ebe8643dfb1a515583a8cc68659e26ac

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secure.ngpvan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6807B6FAF06E597093B0F55F54DD89EE

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: TiPMix=61.3982873323366; path=/; HttpOnly; Domain=secure.ngpvan.com visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; expires=Wed, 28 Aug 2019 14:26:15 GMT; path=/; Domain=.ngpvan.com nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; path=/; Domain=.ngpvan.com incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==; path=/; Domain=.ngpvan.com
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Tue, 28 Aug 2018 22:05:57 GMT
X-Iinfo: 2-21977855-21977859 NNNN CT(113 232 0) RT(1535493956394 63) q(0 0 4 12) r(5 5) U2
X-CDN: Incapsula
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Location: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Powered-By: ASP.NET
Date: Tue, 28 Aug 2018 22:05:55 GMT
Content-Length: 0
Set-Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; expires=Wed, 28 Aug 2019 14:26:15 GMT; path=/; Domain=.ngpvan.com nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; path=/; Domain=.ngpvan.com incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; path=/; Domain=.ngpvan.com
X-Iinfo: 1-22394838-22394843 NNNN CT(114 232 0) RT(1535493955733 65) q(0 1 4 0) r(5 5) U11
X-CDN: Incapsula

GET
H/1.1 200
OK published.css
secure.ngpvan.com/Content/css/forms/ 389 B
528 B 512ms
511ms Stylesheet
text/css 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/Content/css/forms/published.css
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 22:05:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Aug 2018 23:41:40 GMT
X-CDN: Incapsula
Etag: "0527aac713ad41:0"
Content-Type: text/css
X-Iinfo: 2-21977855-21972234 2VNN RT(1535493956394 609) q(0 0 0 -1) r(4 4)
Content-Length: 237

GET
H/1.1 200
OK script-error Show response
secure.ngpvan.com/js/ 228 B
526 B 129ms
32ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 22:05:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Aug 2018 06:51:18 GMT
X-CDN: Incapsula
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 5-41011021-0 0CNN RT(1535493957069 31) q(0 -1 -1 -1) r(1 -1)
Cache-Control: max-age=31394721, public
Content-Length: 163
Expires: Tue, 27 Aug 2019 06:51:18 GMT

GET
H/1.1 200
OK favicon.jpg
nvlupin.blob.core.windows.net/images/van/NGP/NGP03/1/68936/images/ 25 KB
25 KB 503ms
135ms Image
image/jpeg 137.116.3.20
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP03/1/68936/images/favicon.jpg
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.3.20 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7fe12870f475c52173d4d1eacd47c2560e58440e86da20385a088bc035174534

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 28 Aug 2018 22:05:57 GMT
Last-Modified: Wed, 30 May 2018 22:21:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D5C67BBD5787D5
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 11be09de-c01e-000e-3d1b-3fa730000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 25277

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 782 KB
226 KB 46ms
6ms Script
application/javascript 52.85.182.24
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 114ec97cb993bab509585f41b2880fdd81056b2fdd9ca3b8a588edf491470d81

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Origin: https://secure.ngpvan.com

Response headers

Date: Fri, 27 Jul 2018 18:50:28 GMT
Content-Encoding: gzip
Age: 11087
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 230737
Access-Control-Allow-Origin: *
Last-Modified: Fri, 27 Jul 2018 18:50:08 GMT
Server: AmazonS3
ETag: "04fd54c8b9f52145cd2d1838db6f049d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Via: 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Amz-Cf-Id: 32d-EN5RuTbwyfTPJAR9muoCnGJGGreYrT2tZAOveTcFjy_io4m1oA==

GET
H/1.1 200
OK base-js.gif
secure.ngpvan.com/Content/images/ 35 B
303 B 156ms
155ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/Content/images/base-js.gif
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Iinfo: 2-21977855-21972234 2VNN RT(1535493956394 1125) q(0 0 0 -1) r(1 1)
Date: Tue, 28 Aug 2018 22:05:57 GMT
Last-Modified: Wed, 22 Aug 2018 23:41:40 GMT
X-CDN: Incapsula
Etag: "0527aac713ad41:0"
Content-Length: 35
Content-Type: image/gif

GET
S 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 95 KB
22 KB 22ms
6ms Script
application/x-javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Aug 2018 22:05:57 GMT
content-encoding: gzip
content-md5: 7JhCKwvLjoUoS5N/nN9LRA==
x-cache: HIT
status: 200
content-length: 21636
x-ms-lease-status: unlocked
last-modified: Mon, 27 Aug 2018 19:51:06 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D60C566D4F1460
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 84e11144-c01e-00a1-611b-3f2a7f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=600
x-ms-version: 2009-09-19

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
22 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81e::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

9a86f5f34b97d11987473f75ed7dbf32b6849f4986122936ef6adf38a27a3804

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 22:05:57 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 22506
x-xss-protection: 1; mode=block
expires: Tue, 28 Aug 2018 22:05:57 GMT

GET
S 200 sdk.js Show response
connect.facebook.net/en_US/ 229 KB
70 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ce6e84fd29d8249fff2bf47a3446776d446ecb80f8e8d5ec24cb9d7daa0e1743

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: E8DpHzZp+TUsoRh24JWd/Q==
status: 200
content-length: 71321
x-xss-protection: 0
x-fb-debug: mat6u7skMH5OGY8sJR1oBzGuLb4imrUW8GSd9edY2i+cl5Tg1FxtUi+pCKRC+ZZxiWXOh9+3lUUzczsEgoqOSg==
x-fb-content-md5: 27f7b230675add6755b0b13e3d63230e
x-frame-options: DENY
date: Tue, 28 Aug 2018 22:05:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b7461a62af274d9c7024580b0e91533b"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Tue, 28 Aug 2018 22:19:34 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 119 KB
35 KB 22ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: d91803d77ded1e51736e9436763c5df2523aab5992277ff21ff6224187d326bf

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 22:05:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Aug 2018 16:25:21 GMT
Server: ECS (fcn/4188)
Etag: "6358c2fc1f5aa609f45518ff0451aad7+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35615

GET
S 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1604
date: Tue, 28 Aug 2018 21:39:13 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17168
expires: Tue, 28 Aug 2018 23:39:13 GMT

GET
H/1.1 200
OK with-js.gif
secure.ngpvan.com/Content/images/ 35 B
302 B 161ms
161ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/Content/images/with-js.gif
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Iinfo: 5-41011021-41009375 2VNN RT(1535493957069 500) q(0 0 0 -1) r(1 1)
Date: Tue, 28 Aug 2018 22:05:57 GMT
Last-Modified: Wed, 22 Aug 2018 23:41:40 GMT
X-CDN: Incapsula
Etag: "0527aac713ad41:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK _Incapsula_Resource Show response
secure.ngpvan.com/ 101 KB
15 KB 125ms
34ms Script
application/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.ngpvan.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1654295561
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: b6cf1f9ed46514f54baa911b7d90e33b37fdbad233e7bed13be59e8cfe142f87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache
Content-Length: 14939
Content-Type: application/javascript

GET
H/1.1 200
OK widget_iframe.caf215585d416c5a9715098967b792e1.html
platform.twitter.com/widgets/ Frame A581 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.caf215585d416c5a9715098967b792e1.html?origin=https%3A%2F%2Fsecure.ngpvan.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4190) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6807B6FAF06E597093B0F55F54DD89EE
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Aug 2018 22:05:57 GMT
Etag: "6f4bb4155518386526ca164541e6b1ce+gzip"
Last-Modified: Mon, 27 Aug 2018 16:24:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4190)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5868

GET
H/1.1 200
OK Cookie set identity Show response
profile.ngpvan.com/ 72 B
851 B 472ms
109ms Script
text/javascript 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express ASP.NET

Resource Hash

606f479d5cfb49edf886b5a2b207186a3fdc6d764318ee06de84fa86cadb7f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profile.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 22:05:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: Express ASP.NET
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Set-Cookie: TiPMix=59.2095995597586; path=/; HttpOnly; Domain=profile.ngpvan.com ngpvanuser=6TwqvWj4J7G43CT3UbvYyc5Z; Max-Age=315532800; Path=/; Expires=Sun, 27 Aug 2028 22:05:58 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 193
ETag: W/"48-/Dw0J5qxSg5NJkXufLGgKI8R5Dc"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 69 KB
23 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:81e::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

8f89c1d49d9f261af0641bcc3240a15abd8237e11850883aca1bf0dfb1babc0b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 22:05:57 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23281
x-xss-protection: 1; mode=block
expires: Tue, 28 Aug 2018 22:05:57 GMT

GET
H/1.1 200
OK at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 104 KB
20 KB 25ms
7ms Stylesheet
text/css 52.85.182.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 27 Jul 2018 18:50:32 GMT
Content-Encoding: gzip
Age: 11022
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 19440
Access-Control-Allow-Origin: *
Last-Modified: Fri, 27 Jul 2018 18:50:08 GMT
Server: AmazonS3
ETag: "d140ebaaad5fc42ae53e62159671a3c7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Via: 1.1 a034346227db119f7e0813186ca2d2c2.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Amz-Cf-Id: wfYxrcuFti03ui8DpZSqanBNjHtJMgBpTXqSi-QGqKZPuLAotQWr9A==

GET
H/1.1 200
OK extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 70 KB
16 KB 26ms
8ms Stylesheet
text/css 52.85.182.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 27 Jul 2018 18:50:32 GMT
Content-Encoding: gzip
Age: 11022
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16027
Access-Control-Allow-Origin: *
Last-Modified: Fri, 27 Jul 2018 18:50:08 GMT
Server: AmazonS3
ETag: "e99016f8945a101c8def9c8e25da6bc8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Via: 1.1 fe87e98f55ed12d46a06c407f072a87e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Amz-Cf-Id: bZdfH4eSiqpWCgxb_-XLtOgwQwDMexOT-LYJRbtQyw1iqzOMcI3tFw==

GET
H/1.1 200
OK -HZuQoMca0ijL_b7TZm4Ig2 Show response
secure.ngpvan.com/v1/Forms/ 10 KB
4 KB 237ms
236ms XHR
application/json 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/-HZuQoMca0ijL_b7TZm4Ig2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

1a96380bd91465ba6f2565665ca626ea68766d5b974c5e029a45736552366a2b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==; ai_user=13TC1|2018-08-28T22:05:57.899Z
Connection: keep-alive
Request-Id: |/F6SX.7R3ZU
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
X-Requested-With: XMLHttpRequest
Request-Id: |/F6SX.7R3ZU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 2-21977855-21977859 SNNN RT(1535493956394 1300) q(0 0 0 -1) r(3 3) U2
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Tue, 28 Aug 2018 22:05:58 GMT
Date: Tue, 28 Aug 2018 22:05:58 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
ETag: "2d9acee5-3074-4655-8127-6dba9f5a907e"
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: -1

GET
H2 200 QX17B8fU-Vm.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 83CB 0
0 11ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6807B6FAF06E597093B0F55F54DD89EE
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Response headers

status: 200
expires: Mon, 26 Aug 2019 18:28:09 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: n+B5pdawZl1QzwsFwtwaQBdgBRZO2gVsXex7KncqpQc10dxvlehF/QwwS4Tc9MG5hCmmxnSf0peOfZSZlNWLWw==
content-length: 13927
date: Tue, 28 Aug 2018 22:05:58 GMT

GET
H/1.1 200
OK ngpvan-logo-16.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 617 B
1 KB 7ms
7ms Image
image/png 52.85.182.234
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/images/ngpvan-logo-16.png
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 12:33:12 GMT
Via: 1.1 a034346227db119f7e0813186ca2d2c2.cloudfront.net (CloudFront)
Age: 1157567
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 617
Last-Modified: Thu, 28 Aug 2014 21:19:38 GMT
Server: AmazonS3
ETag: "3d6f9aab1e809b87c195e78264cb01f8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: BTfmQ8cbHKolTxJcbMCu7Xi7vtQxPZ-xuieSD2sAjGPqnjeFbYL6Ew==

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1612
date: Tue, 28 Aug 2018 21:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Tue, 28 Aug 2018 23:39:06 GMT

GET
H/1.1 200
OK sweetspot.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 8 KB
9 KB 7ms
7ms Script
application/x-javascript 52.85.182.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 15:36:18 GMT
Via: 1.1 a034346227db119f7e0813186ca2d2c2.cloudfront.net (CloudFront)
Age: 20100
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8149
Last-Modified: Wed, 01 Mar 2017 15:31:32 GMT
Server: AmazonS3
ETag: "37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: x1GwvDAM9iirRBlUPGpX1aK-gM497IuWtcSa4zL8JnWAxHBX5VCPNg==

GET
H/1.1 200
OK _Incapsula_Resource
secure.ngpvan.com/ 1 B
90 B 31ms
30ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.ngpvan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.14206345803130938
Requested by: Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==; ai_user=13TC1|2018-08-28T22:05:57.899Z; ___utmvc=QWlVmf9clVuvs129Y8GTU+0SSeellEwur0fFX7MGj4BWMTqziyzq3o+EH2uecJ+nOKYJCC3g9eQ17NMubdZtF1s07N5oEWl5m7C7gltARsX9gqm9BZaZ4wkZGEcUB8jdZzz9J6m6oe3HF4Zh+SsEGPOqNBflTFQPBYj7D/QLqkILufZd1ZnMSygQ0kKyYfgwj2moR4o9yb8hIdYI/CuPTTOR9wx9Ff+4c8atz4Mz+bkbR7g7iBqHRzTggWYPqyfDJvaJ9nZIYzMeQZSJeNxocWFYtQZlL03easbCE8TbnqjHkwvxLT+kqJd9iyIMi1TPswt2u3DwYJ9GYsOCX3NQTwRJM4zwTlNffprku5giIkZKUoJO7l0d4csjPIxfIQN//BpfDQ5dv1nZLoGq457uQOjnFPLoDAFC5iH0ywV/OjzIGO8ZAR0gJHZpbJHBB3Bs8DS2oYMfezBWmZ+JWTbG3u9Ep7AXXiElbO+KYEUQc6ME+f84OwUgX5QYaKJHsXycu0CvK3EqlqvDWvleaIUAQNtWleI31l2X1loxC2iBbm30e5pBCIe4rZiskwuEvpVrDO8x5ZB2P5ywpJCJnyTTx4pLKy23ybm6LZtJsSlaMf52pdMrqKB0ENbXyZwHacIE0JDnJh5Zn5pfWGz1vtrT+qTEgA/zrbFRDe96PXs9F4g/9GhRH6RNtn9E8fQgwcnzdgGUKRRmu9Gqtpx3LjuNMqcQYNsSxNu3gfppwK+bIjFZLkivEfiEaK67bQv0eiwAIoTOizJ7HQiZ3w2qds+t+vEArAGD2a/cPOMYM4xvmqIUC3aOZb5FNXEF13Pn2fFj2zHbt5lwf/bTSz/PkOskmUbZTDy+lctigxdih/So9tyITEfNXIgYVZeMu1dzDNMiuMaLDY6Slmum3H8uOFbUA2jpVAF+xQZkcBZtlCUfXguTHSAAh5gB9f1IbTnbHoL/BaM7oAVQkQDuthyp+HULZV4+dVmF6kGWlQ/DWmXTH26qcRzfYMPITO57fPymEmorXjbJj9MX8sw2SCVLMniexjbtvr6yU2sQrqJrCJFkm4+r5u2W/XICZ/ZDZZjNuQ7UCm5TlhGGla3O1NDWq+Ym7CEoh7l7qDB9ktZK5aIuz12G6mQtVuXWIWAwakeIjHB67mWrdyY8+XNTgeYjrNh9DdX9BJB+YZKfLGRpZ2VzdD04Njg3Niw4Njg4MyxzPTZlNzc2OTliOWI5NzkwNmY2ZWEwNjI5MTdjOWNhMjY2NzBhOTliODE3ZTdjODVhYTcxODQ5ODVjYTU4ZTgyODI5ZDYzYTBhMjgwYWQ2OTc1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 1
Content-Type: text/plain

GET
S 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=247864488&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2F-HZuQoMca0ijL_b7TZm4Ig2&ul=en-us&de=UTF-8&dt=Thank%20You%20for%20Supporting%20the%20House%20Majority%20Project&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1734407060&gjid=1238102558&cid=483501186.1535493958&tid=UA-28243511-20&_gid=14848715.1535493958&gtm=G865L2FSL&z=1514433232

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 968310
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
14ms Image
image/gif 2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-28243511-20&cid=483501186.1535493958&jid=1734407060&gjid=1238102558&_gid=14848715.1535493958&_u=YGBAgEAB~&z=257858969

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c00::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Aug 2018 22:05:58 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame A373
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6807B6FAF06E597093B0F55F54DD89EE

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Aug 2018 22:05:58 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 27 Aug 2018 16:25:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4188)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 28 Aug 2018 22:05:58 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 28 Aug 2018 22:05:58 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 919f8473f736be70d08ef9a7c50a0999
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 112
x-transaction: 001acd9300417376
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK Cookie set identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 2041ms
1901ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1535493958249=

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

29e5bbca078fd3fa2f51debc5bd73d74279cde58baae33dad09638e75783fb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fastaction.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==; _ga=GA1.2.483501186.1535493958; _gid=GA1.2.14848715.1535493958; _dc_gtm_UA-28243511-20=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Powered-By: Express
Transfer-Encoding: chunked
P3p: CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo: 10-55418499-55418509 NNNN CT(103 1005 0) RT(1535493958017 64) q(0 0 11 1) r(19 19) U4
Date: Tue, 28 Aug 2018 22:06:00 GMT
Connection: keep-alive
Content-Encoding: gzip
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server: Cowboy
Etag: W/"ba-129135862"
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Set-Cookie: connect.sid=s%3ABKj1dcNf0dMwcINjINHqJA7xVnNElzJZ.OHtF%2FkjkMQp7%2BcLHXkvM8ZoCdvNQKQ3DFRg7TnNYyas; Path=/; Expires=Fri, 27 Aug 2021 02:01:35 GMT; HttpOnly; Secure visid_incap_972453=cbWjhChXSByyUhH0U0i7HUbHhVsAAAAAQUIPAAAAAAAuylIKJOSh46DmPNqupGpM; expires=Wed, 28 Aug 2019 14:26:05 GMT; path=/; Domain=.ngpvan.com nlbi_972453=zjgqCyG7RVJhh0CFfJwxMwAAAADGPx6n0tFdLt/+9FYKL/7T; path=/; Domain=.ngpvan.com incap_ses_275_972453=6w64Mx02siJHwvS+mwLRA0fHhVsAAAAAE9D9paBzkaruNq7j6QSUFg==; path=/; Domain=.ngpvan.com

GET
H/1.1 200
OK glyphicons-regular.woff2
d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/ 94 KB
95 KB 8ms
8ms Font
binary/octet-stream 52.85.182.24
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/glyphicons-regular.woff2
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Origin: https://secure.ngpvan.com

Response headers

Date: Fri, 02 Mar 2018 15:38:54 GMT
Via: 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
Age: 84809
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Content-Length: 96388
Last-Modified: Wed, 12 Apr 2017 14:33:38 GMT
Server: AmazonS3
ETag: "aca35251952e72d9e32d41217f0f97ab"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: Ek6lz8OdXwy8J373imIbkbKi2m1wPxWLA4NPmO9TT34_wwgVZEn5WA==

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
H/1.1 200
OK cc.png
d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/ 3 KB
4 KB 7ms
7ms Image
image/png 52.85.182.234
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/cc.png
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 15:37:26 GMT
Via: 1.1 a034346227db119f7e0813186ca2d2c2.cloudfront.net (CloudFront)
Age: 77789
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Content-Length: 3392
Last-Modified: Thu, 30 Apr 2015 15:08:39 GMT
Server: AmazonS3
ETag: "294b44fc8703a45684537d51e363c045"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: Vt3dx0Nf3NckuUwsN7QS3JEpn2McMJJ14gWaNvunMNbRhOeu0w_adg==

GET
H/1.1 200
OK fast-action.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 1019 B
2 KB 7ms
6ms Image
image/png 52.85.182.234
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/images/fast-action.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 21 Jul 2018 19:05:45 GMT
Via: 1.1 a034346227db119f7e0813186ca2d2c2.cloudfront.net (CloudFront)
Age: 701932
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1019
Last-Modified: Fri, 06 Feb 2015 17:50:28 GMT
Server: AmazonS3
ETag: "fe324c0498d28e434d58e6d547ba19a1"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: FWh0b4lsnRgExSf9yNtNgGv5GAIEwQtSNwKwLaMz7pOl5eWCaDXeBg==

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=247864488&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2F-HZuQoMca0ijL_b7TZm4Ig2&ul=en-us&de=UTF-8&dt=Thank%20You%20for%20Supporting%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=483501186.1535493958&jid=1153731776&_gid=14848715.1535493958&gjid=673491101&_v=j68&z=1068588467

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=483501186.1535493958&jid=1153731776&_gid=14848715.1535493958&gjid=673491101&_v=j68&z=1068588467

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c00::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Aug 2018 22:05:58 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Aug 2018 22:05:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=483501186.1535493958&jid=1153731776&_gid=14848715.1535493958&gjid=673491101&_v=j68&z=1068588467
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=247864488&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2F-HZuQoMca0ijL_b7TZm4Ig2&ul=en-us&de=UTF-8&dt=Thank%20You%20for%20Supporting%20the%20House%20Majority%20Project&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEAB~&jid=&gjid=&cid=483501186.1535493958&tid=UA-28243511-20&_gid=14848715.1535493958&gtm=G865L2FSL&cd1=ContributionForm&z=648232876

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 968310
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set -HZuQoMca0ijL_b7TZm4Ig2
secure.ngpvan.com/v1/Track/ 0
601 B 186ms
185ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/-HZuQoMca0ijL_b7TZm4Ig2

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==; ai_user=13TC1|2018-08-28T22:05:57.899Z; ___utmvc=QWlVmf9clVuvs129Y8GTU+0SSeellEwur0fFX7MGj4BWMTqziyzq3o+EH2uecJ+nOKYJCC3g9eQ17NMubdZtF1s07N5oEWl5m7C7gltARsX9gqm9BZaZ4wkZGEcUB8jdZzz9J6m6oe3HF4Zh+SsEGPOqNBflTFQPBYj7D/QLqkILufZd1ZnMSygQ0kKyYfgwj2moR4o9yb8hIdYI/CuPTTOR9wx9Ff+4c8atz4Mz+bkbR7g7iBqHRzTggWYPqyfDJvaJ9nZIYzMeQZSJeNxocWFYtQZlL03easbCE8TbnqjHkwvxLT+kqJd9iyIMi1TPswt2u3DwYJ9GYsOCX3NQTwRJM4zwTlNffprku5giIkZKUoJO7l0d4csjPIxfIQN//BpfDQ5dv1nZLoGq457uQOjnFPLoDAFC5iH0ywV/OjzIGO8ZAR0gJHZpbJHBB3Bs8DS2oYMfezBWmZ+JWTbG3u9Ep7AXXiElbO+KYEUQc6ME+f84OwUgX5QYaKJHsXycu0CvK3EqlqvDWvleaIUAQNtWleI31l2X1loxC2iBbm30e5pBCIe4rZiskwuEvpVrDO8x5ZB2P5ywpJCJnyTTx4pLKy23ybm6LZtJsSlaMf52pdMrqKB0ENbXyZwHacIE0JDnJh5Zn5pfWGz1vtrT+qTEgA/zrbFRDe96PXs9F4g/9GhRH6RNtn9E8fQgwcnzdgGUKRRmu9Gqtpx3LjuNMqcQYNsSxNu3gfppwK+bIjFZLkivEfiEaK67bQv0eiwAIoTOizJ7HQiZ3w2qds+t+vEArAGD2a/cPOMYM4xvmqIUC3aOZb5FNXEF13Pn2fFj2zHbt5lwf/bTSz/PkOskmUbZTDy+lctigxdih/So9tyITEfNXIgYVZeMu1dzDNMiuMaLDY6Slmum3H8uOFbUA2jpVAF+xQZkcBZtlCUfXguTHSAAh5gB9f1IbTnbHoL/BaM7oAVQkQDuthyp+HULZV4+dVmF6kGWlQ/DWmXTH26qcRzfYMPITO57fPymEmorXjbJj9MX8sw2SCVLMniexjbtvr6yU2sQrqJrCJFkm4+r5u2W/XICZ/ZDZZjNuQ7UCm5TlhGGla3O1NDWq+Ym7CEoh7l7qDB9ktZK5aIuz12G6mQtVuXWIWAwakeIjHB67mWrdyY8+XNTgeYjrNh9DdX9BJB+YZKfLGRpZ2VzdD04Njg3Niw4Njg4MyxzPTZlNzc2OTliOWI5NzkwNmY2ZWEwNjI5MTdjOWNhMjY2NzBhOTliODE3ZTdjODVhYTcxODQ5ODVjYTU4ZTgyODI5ZDYzYTBhMjgwYWQ2OTc1; _ga=GA1.2.483501186.1535493958; _gid=GA1.2.14848715.1535493958; _dc_gtm_UA-28243511-20=1; ai_session=vbKAl|1535493958241.3|1535493958241.3; _gat_UA-28243511-20=1; _ga=GA1.3.483501186.1535493958; _gid=GA1.3.14848715.1535493958
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Date: Tue, 28 Aug 2018 22:05:58 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 2-21977855-21977859 SNNN RT(1535493956394 1659) q(0 0 0 -1) r(2 2) U2
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Tue, 21 Aug 2018 14:24:17 GMT
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=247864488&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2F-HZuQoMca0ijL_b7TZm4Ig2&ul=en-us&de=UTF-8&dt=Thank%20You%20for%20Supporting%20the%20House%20Majority%20Project&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Fill&el=FastAction&ev=7&_u=aGHAAEAB~&jid=&gjid=&cid=483501186.1535493958&tid=UA-28243511-20&_gid=14848715.1535493958&gtm=G865L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP03%2F1%2F68936&cd4=1000611&cd5=General%20Contribution&cd6=-HZuQoMca0ijL_b7TZm4Ig2&z=1533715978

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 968310
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set nvtag Show response
profile.ngpvan.com/v2/data/6TwqvWj4J7G43CT3UbvYyc5Z/ 2 B
679 B 426ms
129ms XHR
application/json 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/6TwqvWj4J7G43CT3UbvYyc5Z/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Pragma: no-cache
Origin: https://secure.ngpvan.com
Accept-Encoding: gzip, deflate
Host: profile.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Connection: keep-alive
Cache-Control: no-cache
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Origin: https://secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 22:05:58 GMT
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Server: Microsoft-IIS/10.0
X-Powered-By: Express ASP.NET
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.ngpvan.com
Access-Control-Allow-Credentials: true
Set-Cookie: TiPMix=60.6777568630305; path=/; HttpOnly; Domain=profile.ngpvan.com
Content-Length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 56D3
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D6) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6807B6FAF06E597093B0F55F54DD89EE

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Aug 2018 22:05:58 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 27 Aug 2018 16:25:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D6)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 28 Aug 2018 22:05:58 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 28 Aug 2018 22:05:58 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 919f8473f736be70d08ef9a7c50a0999
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 121
x-transaction: 0007311a00e7eb02
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 204
No Content 6TwqvWj4J7G43CT3UbvYyc5Z Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 641ms
503ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/6TwqvWj4J7G43CT3UbvYyc5Z

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Origin: https://secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Tue, 28 Aug 2018 22:05:59 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 9-29879228-29879232 NNNN CT(114 231 0) RT(1535493958614 67) q(0 0 4 0) r(5 5) U11
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content Cookie set 6TwqvWj4J7G43CT3UbvYyc5Z Show response
secure.ngpvan.com/Databag/Profile/ 0
631 B 156ms
155ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/6TwqvWj4J7G43CT3UbvYyc5Z

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: visid_incap_1392936=cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+; nlbi_1392936=kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc; incap_ses_275_1392936=OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==; TiPMix=61.3982873323366; visid_incap_1002065=jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8; nlbi_1002065=takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa; incap_ses_275_1002065=RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==; ai_user=13TC1|2018-08-28T22:05:57.899Z; _ga=GA1.2.483501186.1535493958; _gid=GA1.2.14848715.1535493958; _dc_gtm_UA-28243511-20=1; ai_session=vbKAl|1535493958241.3|1535493958241.3; _gat_UA-28243511-20=1; _ga=GA1.3.483501186.1535493958; _gid=GA1.3.14848715.1535493958
Connection: keep-alive
Request-Id: |/F6SX.iEhIL
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Accept: */*
Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
X-Requested-With: XMLHttpRequest
Request-Id: |/F6SX.iEhIL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Tue, 28 Aug 2018 22:05:58 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 2-21977855-21977859 SNNN RT(1535493956394 2149) q(0 0 0 -1) r(1 1) U11
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Set-Cookie: ProfileDatabagId=6TwqvWj4J7G43CT3UbvYyc5Z; domain=.ngpvan.com; expires=Mon, 28-Aug-2028 22:05:58 GMT; path=/
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=247864488&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.ngpvan.com%2F-HZuQoMca0ijL_b7TZm4Ig2&ul=en-us&de=UTF-8&dt=Thank%20You%20for%20Supporting%20the%20House%20Majority%20Project&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Fill&el=FastAction&ev=9&_u=aGHAAEAB~&jid=&gjid=&cid=483501186.1535493958&tid=UA-28243511-20&_gid=14848715.1535493958&gtm=G865L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP03%2F1%2F68936&cd4=1000611&cd5=General%20Contribution&cd6=-HZuQoMca0ijL_b7TZm4Ig2&z=2080247948

Requested by

Host: secure.ngpvan.com
URL: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 968310
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
361 B 205ms
71ms XHR
text/plain 52.169.64.244
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.169.64.244 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.ngpvan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Date: Tue, 28 Aug 2018 22:06:00 GMT
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
569 B 577ms
577ms XHR
application/json 52.169.64.244
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.169.64.244 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.ngpvan.com/-HZuQoMca0ijL_b7TZm4Ig2
Origin: https://secure.ngpvan.com
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: F99C2CF7-FAAE-41E0-ADD1-AA0867141E24
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Date: Tue, 28 Aug 2018 22:06:00 GMT
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_275_972453 Value: 6w64Mx02siJHwvS+mwLRA0fHhVsAAAAAE9D9paBzkaruNq7j6QSUFg==
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_972453 Value: zjgqCyG7RVJhh0CFfJwxMwAAAADGPx6n0tFdLt/+9FYKL/7T
.ngpvan.com/	1970-01-18 18:33:00	Name: _gid Value: GA1.2.14848715.1535493958
.ngpvan.com/	1970-01-19 12:02:45	Name: _ga Value: GA1.2.483501186.1535493958
.ngpvan.com/	1970-01-19 03:16:42	Name: visid_incap_972453 Value: cbWjhChXSByyUhH0U0i7HUbHhVsAAAAAQUIPAAAAAAAuylIKJOSh46DmPNqupGpM
.ngpvan.com/	1970-01-19 03:16:42	Name: visid_incap_1392936 Value: cLYU9L8pSdahL2vvk2/aBEPHhVsAAAAAQUIPAAAAAAByOmI94UH0kUSxtshz4Kl+
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_275_1002065 Value: RaLFCA05gkxiwPS+mwLRA0THhVsAAAAAhlT2I4qQ8Afi4FwLV4/r4w==
.secure.ngpvan.com/	1970-01-19 12:02:45	Name: _ga Value: GA1.3.483501186.1535493958
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: takeGjxlexQ2JsL9QlPsZwAAAADzTOWF/oMCxT9XhT9pQhwa
.secure.ngpvan.com/	1970-01-18 18:33:00	Name: _gid Value: GA1.3.14848715.1535493958
.secure.ngpvan.com/	1969-12-31 23:59:59	Name: TiPMix Value: 61.3982873323366
.ngpvan.com/	1970-01-18 18:31:34	Name: _gat_UA-28243511-20 Value: 1
secure.ngpvan.com/	1970-01-19 03:17:09	Name: ai_user Value: 13TC1\|2018-08-28T22:05:57.899Z
.ngpvan.com/	1970-01-22 10:11:53	Name: ProfileDatabagId Value: 6TwqvWj4J7G43CT3UbvYyc5Z
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_275_1392936 Value: OFDUDGMCfG2Rv/S+mwLRA0THhVsAAAAAXUgy/iK7bCwrEC6UHtNGfw==
.ngpvan.com/	1970-01-19 03:16:42	Name: visid_incap_1002065 Value: jVOTptefRamWTErThuQnDUTHhVsAAAAAQUIPAAAAAACh5qT7vFtD42NBvM58axw8
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1392936 Value: kCVcQBxyIkHA3YrU8yayPAAAAABBnSLSe/uRkGsqkqyUpmbc
secure.ngpvan.com/	1970-01-18 18:31:35	Name: ai_session Value: vbKAl\|1535493958241.3\|1535493958241.3
.ngpvan.com/	1970-01-18 18:31:34	Name: _dc_gtm_UA-28243511-20 Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Downloading: 245.7080078125ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Processing: 34.41015625ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Render: 40.632080078125ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Fill: 36.21875ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Form: 358.527099609375ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Total: 415.337158203125ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
click.ngpvan.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
nvlupin.blob.core.windows.net
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
www.google-analytics.com
www.googletagmanager.com
104.244.42.8
137.116.3.20
152.199.19.160
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:81a::200e
2a00:1450:4001:81e::2008
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
40.114.13.25
45.60.33.183
52.169.64.244
52.85.182.234
52.85.182.24
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64
114ec97cb993bab509585f41b2880fdd81056b2fdd9ca3b8a588edf491470d81
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a96380bd91465ba6f2565665ca626ea68766d5b974c5e029a45736552366a2b
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8
29e5bbca078fd3fa2f51debc5bd73d74279cde58baae33dad09638e75783fb76
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
606f479d5cfb49edf886b5a2b207186a3fdc6d764318ee06de84fa86cadb7f3c
7fe12870f475c52173d4d1eacd47c2560e58440e86da20385a088bc035174534
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
8f89c1d49d9f261af0641bcc3240a15abd8237e11850883aca1bf0dfb1babc0b
9a86f5f34b97d11987473f75ed7dbf32b6849f4986122936ef6adf38a27a3804
a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9
b6cf1f9ed46514f54baa911b7d90e33b37fdbad233e7bed13be59e8cfe142f87
bf52bd406d9c6393253ff92c79fdd758ebe8643dfb1a515583a8cc68659e26ac
ce6e84fd29d8249fff2bf47a3446776d446ecb80f8e8d5ec24cb9d7daa0e1743
d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
d91803d77ded1e51736e9436763c5df2523aab5992277ff21ff6224187d326bf
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

secure.ngpvan.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

43 %IPv6

12 Domains

17 Subdomains

14 IPs

2 Countries

632 kBTransfer

1880 kBSize

19 Cookies

8 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

secure.ngpvan.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

17
Subdomains

14
IPs

2
Countries

632 kB
Transfer

1880 kB
Size

19
Cookies

42 HTTP transactions
2 data transactions