URL: https://act.myngp.com/Forms/4109543846649857792
Submission: On October 26 via api from US

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is act.myngp.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 17th 2019. Valid for: 2 years.
This is the only time act.myngp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
13 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
act.myngp.com
8 d3rse9xjbp8270.cloudfront.net act.myngp.com
d3rse9xjbp8270.cloudfront.net
www.googletagmanager.com
6 act.myngp.com act.myngp.com
3 stats.g.doubleclick.net az416426.vo.msecnd.net
3 js2.verygoodvault.com d3rse9xjbp8270.cloudfront.net
js2.verygoodvault.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
2 d1aqhv4sn5kxtx.cloudfront.net act.myngp.com
www.googletagmanager.com
2 www.googletagmanager.com act.myngp.com
d3rse9xjbp8270.cloudfront.net
1 secure.ngpvan.com az416426.vo.msecnd.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com d3rse9xjbp8270.cloudfront.net
1 formdefs.s3.amazonaws.com az416426.vo.msecnd.net
1 ssl.google-analytics.com act.myngp.com
1 az416426.vo.msecnd.net act.myngp.com
47 15

This site contains links to these domains. Also see Links.

Domain
www.pahdcc.com
fastaction.ngpvan.com
www.ngpvan.com
Subject Issuer Validity Valid
act.myngp.com
Go Daddy Secure Certificate Authority - G2
2019-10-17 -
2021-12-15
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.ngpvan.com
RapidSSL RSA CA 2018
2018-02-08 -
2021-02-07
3 years crt.sh
*.verygoodvault.com
Amazon
2020-04-17 -
2021-05-17
a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2021-03-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4
2020-04-30 -
2022-04-30
2 years crt.sh
*.everyaction.com
RapidSSL TLS RSA CA G1
2020-05-28 -
2022-05-28
2 years crt.sh

This page contains 3 frames:

Primary Page: https://act.myngp.com/Forms/4109543846649857792
Frame ID: 32D79002C135D74867076DEFD216B815
Requests: 46 HTTP requests in this frame

Frame: https://js2.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId260541339642197842&formId=randomId26047753129447917275&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: F995B6D1EB73BE7348C0F0120546B64E
Requests: 1 HTTP requests in this frame

Frame: https://js2.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId260820234168651943&formId=randomId26047753129447917275&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: 06A7754EC677BDC18AD9EFC8763F1DE4
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

47
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

15
Subdomains

12
IPs

4
Countries

642 kB
Transfer

1852 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 4109543846649857792
act.myngp.com/Forms/
8 KB
4 KB
Document
General
Full URL
https://act.myngp.com/Forms/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e40bb3a414ddf430b8a4c8e0ca237d959056de01c3b45226fbbc4f80f3e171c0

Request headers

Host
act.myngp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=0zfwwybrwa34xg1yrmhu3vc4; path=/; HttpOnly; SameSite=Lax BIGipServerpool_ob_act_myngp_com=!IAKyvIQfWEAgAY2elORt2Gkftlsy/9MW/VP9JVUKAOFxFoakxaMh/7ulhN4uW3S4kOSrBG/h8GwQji2uBe6J1CViwsmLrIGHy05CaYgPA8aiN/VrDPBSiTYdjSNl1rKWD5EC/jnVWC+k6gCAgGVNak9uJEPx4mo=; path=/ visid_incap_364709=GANsNxH2THych7+V+hcALSTbll8AAAAAQUIPAAAAAADtNdVH0JaJ9a14s3f0dwCc; expires=Tue, 26 Oct 2021 06:52:50 GMT; HttpOnly; path=/; Domain=.myngp.com incap_ses_1176_364709=i3fhVeojbXZ5AZHe7v1RECTbll8AAAAAYLzTlsS+FgR9JlxaMB20+g==; path=/; Domain=.myngp.com
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Date
Mon, 26 Oct 2020 14:20:20 GMT
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
13-68666760-68666765 NNNN CT(81 191 0) RT(1603722020338 66) q(0 0 2 2) r(4 4) U12
c5716e71-89d0-4670-9bcb-60bcc87ed37f.Original.PA%20HDCC-donate.css
act.myngp.com/Uploads/2145/
3 KB
2 KB
Stylesheet
General
Full URL
https://act.myngp.com/Uploads/2145/c5716e71-89d0-4670-9bcb-60bcc87ed37f.Original.PA%20HDCC-donate.css
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
61adbd179c78a11cb84a341f613a33d0fc6cf3b370c489f48bfdb1df67db96f8

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 14:20:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 20:39:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"acfc91b27a67d61:0"
Vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Iinfo
13-68666760-68619155 2NNN RT(1603722020338 511) q(0 0 0 -1) r(6 6) U18
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1193
X-CDN
Incapsula
at.js
d3rse9xjbp8270.cloudfront.net/
816 KB
231 KB
Script
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a2fe21142b2cc05ed28f766802f9f3b248427ecb3dd88543f7e51420e591df

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 18:11:51 GMT
content-encoding
gzip
age
72511
x-cache
Hit from cloudfront
status
200
content-length
235846
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 11:11:56 GMT
server
AmazonS3
etag
"d43738f53ccd7c4642857504b6285a00"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
HiryB33KFjvlIDbDZ-IvGTfbvrvJOIbufXZRlMGVe758oS5jxvrR5w==
Logo%20Official(8).jpg
act.myngp.com/Uploads/2145/images/
50 KB
51 KB
Image
General
Full URL
https://act.myngp.com/Uploads/2145/images/Logo%20Official(8).jpg
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
27b77d036dac5752b77a119aefb43668b499ea6ab58a881cab3fe11b2c9bdbb6

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 14:20:21 GMT
Last-Modified
Wed, 10 Jun 2020 16:21:37 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9c56a37433fd61:0"
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Iinfo
12-61734140-61732683 2NNN RT(1603722020960 20) q(0 0 0 -1) r(5 5) U18
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
51673
X-CDN
Incapsula
_Incapsula_Resource
act.myngp.com/
128 KB
18 KB
Script
General
Full URL
https://act.myngp.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=398796924
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f4d829eb071f3a5014ebe007af1768a283746111848f27ff763c60ee595f9392

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
18662
Content-Type
application/javascript
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Oct 2020 14:20:21 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
919
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 01 Oct 2020 19:31:04 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8664089864073
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9b3fd60c-201e-0049-6ca0-abd58d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 26 Oct 2020 14:50:21 GMT
gtm.js
www.googletagmanager.com/
111 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN78RH
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a078118abe95eccf2e588ecc78ea28d61669815f64d53f1f4964a9aca8a36860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 14:20:21 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36563
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Oct 2020 14:20:21 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1577
date
Mon, 26 Oct 2020 13:54:04 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 26 Oct 2020 15:54:04 GMT
ngpvan-logo-16.png
d1aqhv4sn5kxtx.cloudfront.net/images/
617 B
1 KB
Image
General
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/ngpvan-logo-16.png
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.23.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Sep 2020 07:59:30 GMT
Via
1.1 b63f332297d95bccb0f4e41c4aef0ab1.cloudfront.net (CloudFront)
Age
2614852
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
617
Last-Modified
Thu, 28 Aug 2014 21:19:38 GMT
Server
AmazonS3
ETag
"3d6f9aab1e809b87c195e78264cb01f8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
uXYWTd6_k6RJZlorvEbOr2qUv9lVEDL740PmoAfqm2lFKlVj-XWkBQ==
identity
profile.ngpvan.com/
72 B
1 KB
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
4adc550c41f0c01cd8d62afd3eb13e3b0cbdaffc08e79784bd42470b004b2d6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 14:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
status
200
x-iinfo
12-61734287-61734289 2NNN RT(1603722021654 0) q(0 0 0 0) r(3 3)
x-cdn
Incapsula
content-type
text/javascript; charset=utf-8
content-length
191
etag
W/"48-jknzC2fDofqS+IAUA9ExeGUiQio"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
gtm.js
www.googletagmanager.com/
93 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d1417b2f2fbc64d0df65908d0a6a70c8cf00f18809a55fc90547673ed0991b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 14:20:21 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33373
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Oct 2020 14:20:21 GMT
at.min.css
d3rse9xjbp8270.cloudfront.net/
111 KB
21 KB
Stylesheet
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e83dfb93fa54757ddf18fc003b152cb4b5cab5f10054cc3315b9d0c8a7ad06e7

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 09:51:52 GMT
content-encoding
gzip
age
16110
x-cache
Hit from cloudfront
status
200
content-length
20616
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 11:11:56 GMT
server
AmazonS3
etag
"496d09b7ed480ab0bbd8cec066dfec17"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
Jk50gSCfG_S-nV8r33cEeJ77jOz066zqCVvFjo69Gel4wPQQlTxuEA==
extra.min.css
d3rse9xjbp8270.cloudfront.net/
92 KB
16 KB
Stylesheet
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad6db6aac71469960bd005df1616fb95f11906bc2fb0c64e7c348026cb8e1d66

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 13:55:23 GMT
content-encoding
gzip
age
37040
x-cache
Hit from cloudfront
status
200
content-length
15886
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 11:11:56 GMT
server
AmazonS3
etag
"5377ef12fa07c855200716e8ce58413c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
f0VLvaVTx_t-2W07aDfctpxXwVUDi8FbxbnymrJHGo5N03Ywdn67HA==
_Incapsula_Resource
act.myngp.com/
1 B
123 B
Image
General
Full URL
https://act.myngp.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2855473334263128
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
AC2nt8erbFu3svSWxmyTZr1b.js
js2.verygoodvault.com/vgs-collect/1/
76 KB
24 KB
Script
General
Full URL
https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:a600:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 24 Apr 2020 20:22:27 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZAG50-C1
ETag
"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
Date
Mon, 26 Oct 2020 14:20:21 GMT
Connection
keep-alive
X-Amz-Cf-Id
wKEO8EVwx9mi3HwL92Bt3GhS42zVYNSlBuSbkAIrKHTqx9vwmAbCOA==
4109543846649857792
formdefs.s3.amazonaws.com/api.myngp.com/
11 KB
4 KB
XHR
General
Full URL
https://formdefs.s3.amazonaws.com/api.myngp.com/4109543846649857792
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f76d154e94fbdd849b4b256fc70aeb5e0f30ccb70025dec53b6748490c8839d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 14:20:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Sep 2020 23:33:16 GMT
Server
AmazonS3
x-amz-request-id
EA4615CEFE5120D6
ETag
"dd28fb2f3dad2ae786119819a515f69e"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
3326
x-amz-id-2
VRNwYNYYRDzZZ5l+iSCCNsjNvV+OzBMeF127vizK6XS03SJaNQ+oVOrYxEViyTPRNLaHnumOI6U=
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN78RH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3873
date
Mon, 26 Oct 2020 13:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Mon, 26 Oct 2020 15:15:48 GMT
ngpvan-logo-16.png
d3rse9xjbp8270.cloudfront.net/assets/images/
617 B
1 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/ngpvan-logo-16.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 10:52:05 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
age
3295696
x-cache
Hit from cloudfront
status
200
content-length
617
last-modified
Thu, 03 Oct 2019 17:12:46 GMT
server
AmazonS3
etag
"3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
pM11wWGUEwVe1G_e8dVquKaBG2ckv3miOqbhNGkv8KdHuMFuouA6Hg==
collect
www.google-analytics.com/j/
1 B
63 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1968199598&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022002&_u=YQBCAAABAAAAAC~&jid=2068897950&gjid=1183818129&cid=1361648720.1603722022&tid=UA-28243511-13&_gid=1092476875.1603722022&_r=1&gtm=2wgae1WN78RH&z=1912442721
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Oct 2020 14:20:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://act.myngp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-28243511-5&cid=1361648720.1603722022&jid=55733030&gjid=849680858&_gid=1092476875.1603722022&_u=YSDCgAABAAAAAG~&z=1493354961
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Oct 2020 14:20:22 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://act.myngp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
120 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022009&_u=YSDCgAABAAAAAC~&jid=55733030&gjid=849680858&cid=1361648720.1603722022&tid=UA-28243511-5&_gid=1092476875.1603722022&gtm=2wgae1WN78RH&cd1=ACCOUNT%20ADMIN&cd2=Pennsylvania%20House%20Democratic%20Campaign%20Committee&z=222037298
Requested by
Host: act.myngp.com
URL: https://act.myngp.com/Forms/4109543846649857792
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79072
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/
8 KB
9 KB
Script
General
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.23.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 25 Oct 2020 15:15:28 GMT
Via
1.1 b63f332297d95bccb0f4e41c4aef0ab1.cloudfront.net (CloudFront)
Age
83095
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Tue, 06 Aug 2019 21:06:41 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
-fyLOF93XMlr-1P8XqNdcFxZjJ7V2MhPusQsShIhTR4naWuCfQpxrw==
nvtag
profile.ngpvan.com/v2/data/TjHzv9NJXQip1Ndote09ATaz/
2 B
936 B
XHR
General
Full URL
https://profile.ngpvan.com/v2/data/TjHzv9NJXQip1Ndote09ATaz/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 14:20:21 GMT
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
server
Microsoft-IIS/10.0
status
200
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://act.myngp.com
x-iinfo
11-58847156-58847158 NNNN CT(0 0 2) RT(1603722022053 0) q(0 0 3 0) r(3 3) U12
access-control-allow-credentials
true
content-length
123
x-cdn
Incapsula
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=timing&_s=2&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1712&pdt=1&dns=9&rrt=0&srt=459&tcp=62&dit=1242&clt=1242&_gst=1396&_gbt=1555&_cst=1213&_cbt=1307&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022164&_u=YSDCgAABAAAAAG~&jid=&gjid=&cid=1361648720.1603722022&tid=UA-28243511-5&_gid=1092476875.1603722022&gtm=2wgae1WN78RH&cd1=ACCOUNT%20ADMIN&cd2=Pennsylvania%20House%20Democratic%20Campaign%20Committee&z=1655603470
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79072
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame
0
0
Other
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://act.myngp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 26 Oct 2020 14:20:22 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
96 B
213 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e7c9a0742c7ef8aeb57d04bfbed7e20fa839d09356ccad0baa96c9b4f48e96bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
7CD93B54-0B28-4839-817B-904884ADA8DA
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
status
200
date
Mon, 26 Oct 2020 14:20:22 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
collect
www.google-analytics.com/j/
1 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1968199598&t=timing&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utl=4109543846649857792&utt=417&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022246&_u=aSDCAEABAAAAAG~&jid=1017388030&gjid=25979343&cid=1361648720.1603722022&tid=UA-28243511-22&_gid=1092476875.1603722022&_r=1&gtm=2wgae15L2FSL&z=1649927252
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Oct 2020 14:20:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://act.myngp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3874
date
Mon, 26 Oct 2020 13:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Mon, 26 Oct 2020 15:15:48 GMT
identity
fastaction.ngpvan.com/api/v1/
186 B
1 KB
Script
General
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1603722022254=
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
38fc8274bd57cfec2853cc8dad294fc4f02ac16d7a8016e7157409dbc2a23312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
via
1.1 vegur
x-content-type-options
nosniff
x-cdn
Incapsula
x-powered-by
Express
p3p
CP="NOI ADM DEV COM NAV OUR STP"
status
200
x-iinfo
12-61734380-61734381 NNYN CT(85 179 0) RT(1603722022150 0) q(0 0 3 0) r(4 4) U18
date
Mon, 26 Oct 2020 14:20:22 GMT
content-encoding
gzip
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
server
Cowboy
etag
W/"ba-8GhNpdWkTVotx2Oq0G+vhPmTiQ8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=0
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/
94 KB
95 KB
Font
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Origin
https://act.myngp.com
Referer
https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 20:07:20 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
age
65583
x-cache
Hit from cloudfront
status
200
content-length
96388
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"aca35251952e72d9e32d41217f0f97ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
jyl7KzayFto4pVgXa1i98x-9ewg7LbBdl3v1IFZmoN24DlMBnXmf9Q==
collect
www.google-analytics.com/j/
2 B
25 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1968199598&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=19&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022595&_u=aSHCAEABAAAAAG~&jid=862080531&gjid=746937330&cid=1361648720.1603722022&tid=UA-28243511-20&_gid=1092476875.1603722022&_r=1&gtm=2wgae15L2FSL&cd6=4109543846649857792&z=831615802
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Oct 2020 14:20:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://act.myngp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-28243511-20&cid=1361648720.1603722022&jid=160297245&gjid=145523113&_gid=1092476875.1603722022&_u=aSHCgEABAAAAAG~&z=882682475
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Oct 2020 14:20:22 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://act.myngp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtmtools.js
d3rse9xjbp8270.cloudfront.net/assets/js/
5 KB
2 KB
Script
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/js/gtmtools.js?v=20201015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3640790896e1e02b28458ca856ec1009e6c9e5b5d4331333f5d216e70cd9aed2

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 10:23:51 GMT
content-encoding
gzip
age
964592
x-cache
Hit from cloudfront
status
200
content-length
1161
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 10:14:54 GMT
server
AmazonS3
etag
"b16ec9d34ecd972a365497b12bd66949"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
fOUN6-nKRInRoO8e_lbLWRz68ykbZt0FQ9C5aNm6fo2hqHLNnwzyqw==
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
cc.png
d3rse9xjbp8270.cloudfront.net/assets/images/
3 KB
4 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/cc.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 16:06:14 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
age
3795249
x-cache
Hit from cloudfront
status
200
content-length
3392
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"294b44fc8703a45684537d51e363c045"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
ZLlcK-08qoRUDjmeoHP6FE16ccwPw7NV9nbAPFZVpQQqHKIcLr6SpA==
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=pageview&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022602&_u=aSHCgEABAAAAAG~&jid=160297245&gjid=145523113&cid=1361648720.1603722022&tid=UA-28243511-20&_gid=1092476875.1603722022&gtm=2wgae15L2FSL&cd6=4109543846649857792&z=568830015
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79073
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=timing&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utl=4109543846649857792&utt=356&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022611&_u=aSHCAEABAAAAAG~&jid=&gjid=&cid=1361648720.1603722022&tid=UA-28243511-22&_gid=1092476875.1603722022&gtm=2wgae15L2FSL&z=1206764268
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79073
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
4109543846649857792
act.myngp.com/fo/
153 B
622 B
Image
General
Full URL
https://act.myngp.com/fo/4109543846649857792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
be1aa6f249c3d87f6cab908c30ff90f6519c4858f24ab4ad94cce1e0083f8d65

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 14:20:22 GMT
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Iinfo
13-68666760-68666765 SNNN RT(1603722020338 2535) q(0 0 0 -1) r(2 2) U2
Cache-Control
private
Content-Type
image/jpeg
Content-Length
153
X-CDN
Incapsula
fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/
9 KB
9 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 23:09:27 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
age
54657
x-cache
Hit from cloudfront
status
200
content-length
9203
last-modified
Wed, 08 Jan 2020 18:06:45 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
LMQ9irZgCqwVQD-iiH3jq4EiOU1D4FNcV5H13JIT-nPRucSKujWvUA==
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=timing&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utl=4109543846649857792&utt=84&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022980&_u=aSHCAEABAAAAAG~&jid=&gjid=&cid=1361648720.1603722022&tid=UA-28243511-22&_gid=1092476875.1603722022&gtm=2wgae15L2FSL&z=1711979497
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79073
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=timing&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utl=4109543846649857792&utt=8&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022993&_u=aSHCAEABAAAAAG~&jid=&gjid=&cid=1361648720.1603722022&tid=UA-28243511-22&_gid=1092476875.1603722022&gtm=2wgae15L2FSL&z=1704148375
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79073
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=timing&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utl=4109543846649857792&utt=1170&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722022997&_u=aSHCAEABAAAAAG~&jid=&gjid=&cid=1361648720.1603722022&tid=UA-28243511-22&_gid=1092476875.1603722022&gtm=2wgae15L2FSL&z=251780584
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79073
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1968199598&t=timing&_s=1&dl=https%3A%2F%2Fact.myngp.com%2FForms%2F4109543846649857792&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=1255&_utma=101563537.1361648720.1603722022.1603722022.1603722022.1&_utmz=101563537.1603722022.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603722023000&_u=aSHCAEABAAAAAG~&jid=&gjid=&cid=1361648720.1603722022&tid=UA-28243511-22&_gid=1092476875.1603722022&gtm=2wgae15L2FSL&z=255442002
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 16:22:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79073
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
TjHzv9NJXQip1Ndote09ATaz
secure.everyaction.com/Databag/Profile/
0
1 KB
XHR
General
Full URL
https://secure.everyaction.com/Databag/Profile/TjHzv9NJXQip1Ndote09ATaz
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Mon, 26 Oct 2020 14:20:22 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://act.myngp.com
X-Iinfo
14-80481822-80481827 NNNN CT(85 163 0) RT(1603722022915 17) q(0 0 2 0) r(3 3) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
TjHzv9NJXQip1Ndote09ATaz
secure.ngpvan.com/Databag/Profile/
0
872 B
XHR
General
Full URL
https://secure.ngpvan.com/Databag/Profile/TjHzv9NJXQip1Ndote09ATaz
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cdn
Incapsula
status
204
date
Mon, 26 Oct 2020 14:20:23 GMT
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://act.myngp.com
x-iinfo
12-61734481-61734483 NNNN CT(80 200 0) RT(1603722022895 0) q(0 1 3 3) r(4 4) U11
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
stats.g.doubleclick.net/j/
1 B
48 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-28243511-20&cid=1361648720.1603722022&jid=862080531&gjid=746937330&_gid=1092476875.1603722022&_u=aSHCAEABAAAAAG~&z=121103410
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.myngp.com/Forms/4109543846649857792
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Oct 2020 14:20:23 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://act.myngp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
js2.verygoodvault.com/vgs-collect/1/lib/ Frame F995
0
0
Document
General
Full URL
https://js2.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId260541339642197842&formId=randomId26047753129447917275&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by
Host: js2.verygoodvault.com
URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:a600:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Host
js2.verygoodvault.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://act.myngp.com/Forms/4109543846649857792
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://act.myngp.com/Forms/4109543846649857792

Response headers

Content-Type
text/html
Content-Length
364
Connection
keep-alive
Last-Modified
Fri, 24 Apr 2020 20:22:28 GMT
x-amz-version-id
JCfkY4IkNKJhMm0EdEKqtK3Ilw9RSiaP
Accept-Ranges
bytes
Server
AmazonS3
Date
Mon, 26 Oct 2020 14:20:00 GMT
ETag
"12b7f829a99521c45e7e29dcc8a34cff"
X-Cache
Hit from cloudfront
Via
1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
ZAG50-C1
X-Amz-Cf-Id
8cGj6fVPxTiFT5vqD3k-SEyT2NzubgL_rG4hZ5YewzucBDCjE0H_Tw==
Age
24
index.html
js2.verygoodvault.com/vgs-collect/1/lib/ Frame 06A7
0
0
Document
General
Full URL
https://js2.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId260820234168651943&formId=randomId26047753129447917275&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by
Host: js2.verygoodvault.com
URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:a600:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Host
js2.verygoodvault.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://act.myngp.com/Forms/4109543846649857792
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://act.myngp.com/Forms/4109543846649857792

Response headers

Content-Type
text/html
Content-Length
364
Connection
keep-alive
Last-Modified
Fri, 24 Apr 2020 20:22:28 GMT
x-amz-version-id
JCfkY4IkNKJhMm0EdEKqtK3Ilw9RSiaP
Accept-Ranges
bytes
Server
AmazonS3
Date
Mon, 26 Oct 2020 14:20:00 GMT
ETag
"12b7f829a99521c45e7e29dcc8a34cff"
X-Cache
Hit from cloudfront
Via
1.1 a208b778c983eefafa95a32c5d34e8bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
ZAG50-C1
X-Amz-Cf-Id
pQzBpymmrHkn1qmmakfXbG5DhsfLSxZn9YYsuU3kuLERjIpGU_MsSQ==
Age
24

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| appInsights object| dataLayer string| footerHTML function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag boolean| exileHeaderAndFooter object| _gaq object| AI object| Microsoft function| __extends function| _endsWith object| Backbone function| _jqjsp object| atLayer object| google_tag_manager object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| google_tag_data string| GoogleAnalyticsObject function| ga object| _gat object| gaplugins object| gaGlobal object| gaData number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| nvtag_callbacks object| formview

16 Cookies

Domain/Path Name / Value
.act.myngp.com/ Name: _gat_UA-28243511-13
Value: 1
.act.myngp.com/ Name: __utmz
Value: 101563537.1603722022.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.act.myngp.com/ Name: _dc_gtm_UA-28243511-5
Value: 1
.act.myngp.com/ Name: __utmc
Value: 101563537
.act.myngp.com/ Name: _gid
Value: GA1.3.1092476875.1603722022
act.myngp.com/ Name: ai_user
Value: gjIHU|2020-10-26T14:20:21.723Z
.act.myngp.com/ Name: __utma
Value: 101563537.1361648720.1603722022.1603722022.1603722022.1
act.myngp.com/ Name: ai_session
Value: LN12D|1603722021989.61|1603722021989.61
.myngp.com/ Name: incap_ses_1176_364709
Value: i3fhVeojbXZ5AZHe7v1RECTbll8AAAAAYLzTlsS+FgR9JlxaMB20+g==
.myngp.com/ Name: visid_incap_364709
Value: GANsNxH2THych7+V+hcALSTbll8AAAAAQUIPAAAAAADtNdVH0JaJ9a14s3f0dwCc
.act.myngp.com/ Name: __utmv
Value: 101563537.|1=Tenant=Pennsylvania%20House%20Democratic%20Campaign%20Committee=1
act.myngp.com/ Name: ___utmvc
Value: a8eplPcnPEbqwoSBCocNbl8jm+Oz6cwOO0uWMOJjjTsW6V1/vXWBXW+h6oDt5l07e9IIKeO7ps6YtHCufPZZJghkCU9JBUL6j+s1xmbS23AnM2rdDjGnTDq9QCb3p0bBOHAGCpOL4Zd7ASam2qnJ9vlnCHzoHHZpUCSDFmHeFBwSjQHT9rZcdF0kgrTvz3QK/6FFTY7n1JPunWlPOSuvCWbT3gVQ5Ve5vdK/0JHQZhIlBxU0KUUvn67dyDUiIzmJagiM8rso1n80oxazELm/M/lu+RoW9phERYbiMxtsz4DZjCC15EUXv+Ih8xV3NJ52v0KjtYO2prfDfX911qgyHKD0mO5bTNlqDVu3pmN8hZ9QMc+aq5kO9ZCyNb619GaLutR41QN1TG4DtZWQYdNzcvFqVspCN3aiHeNhfPrF5wqMk+FoQlSvRJiQEjnwISegypBU9E61UCEMWZDHGuIcME6vZnLVLejqzHiRPyVC777jl0dvxvWLfXSOHqIeeW99ABhhlOXXkcuG3u7HPz2goYFjZYy7lfQ7msIvv5eb6T9uUeCpoPihbmzcRhxu5vNQhOKyEfhWU6VB5y6BxGz/H+WgXYjr6jTruXibQ8Lfui00DOgDn1GQLGdxraevnWv+BQMY+6L6tDtQtCkleUom6QGA0MO76muzqigKgLcVcGZgKM0yyE8qhSlIwbIMixI4ZXbTl6PsTsw0GyxHZRhO+uC067SbpS9rR3aFzKBvrU9QWJearyXwp0fUvnk5iltvssEcrXC6CN5iotPvDCiDbUmAEumMgMi85qoesajY+/YIw0WnJqoTlG3PMkNkb9zsxHrEvtN/YyOqTDDz82cJERuT3KCUCD3YadJKBKsVg+i1yEr15SiI3F5nO0Uw/zDslqlWuIK3Rxtw4RmD6cwpRJFU57JKu3INTr17HJdunP+D8eUfYUVdReMxFhsEvUn66s/AxJVKdgJRUhwy0giWP1/5his5JmUdt3W6e8d5SGmYS+hr1PeJjHbuDdwMNft9XrP7Xv1jMMQ+gQ+wca+Sp3XvCO3FczATnN+jFx2U35CC6FUNebruNEQe3navJiyhpSnJLW9/4enHjrkU30VKMdPcSj/5LKIs+LlVRpLMJ1oiJmwx4Gy0miA9pYbRJ9dDGxyBXFNUfG70GtSeTdn/P/nycp6OOVl/kdQ/D3gDx+yykjo/T7W06+ri0WcpJutPvWtb4uXS5FTWrTZpOS5Fg6Vi41k34FkKY56qYelV4msuYPT27hZWh2aITYllAmCzWKjcFunEckhkeh2dZjPWDqPBOgM8Vt8guLVOvmZitXvNzueNS5zk3H5E3G2UgZu/cR/PyLNnxNRci2+fAxZNlLW1Rzdd6tGbD/5uSEAYlAQbrPyODPkM5savuKDy2gm+o2eEpypRiqmS7hIeo+EIYU+dWdxbSVk2xc+iGHNmgpYdVUi/SP1JuJWc1//hcgtCZmNbwXT6sYAc5zVAjP/BD+NL4r9FXHB2KtMoF0FIZ8XX3Q5jIbXKhGLxS5cAJqwaZh/2bX11/K+IThMAXhg38K413wNuYeeNvpomEdvJ+HTODyK6Y6M0SVtn11o/XfsBzFzBFA5fwtarAGMZwMWVJ1Dn0aVqcjDW5bBSitUGuxWJv/3GyRs3XuZ1HNaGSXYqECUoDT4csQLTDaOcJYJuEhn7Q/Ybk1/Jqq2Vl7a7vgGQIwNv1t2iCq4fyaF/NOEWFaB70qOEpHpWGHQr0v2qJIVrMu52VFcRMT+A0IIHXdzwV75lkoWwQ56+ByPGdL73jW3QVePHuRolIIVyPRTszy+QXc/3E7oOwcBf0nin93UW+CA8bVDWwBhk0wW8i6PlhmPEC2dbZgO6FCxkaWdlc3Q9MTI5OTAzLHM9Njg4YWFkOWE4ODg2ODY4NDY4N2M3ZjhiOTJhYmIzOGY5NmE3NjU4NTcxODM4OThjOTU4YjhkNmY5NmE5NjA4MzdjYjE3OTdiODY3Mzc2NzY=
.act.myngp.com/ Name: _ga
Value: GA1.3.1361648720.1603722022
.act.myngp.com/ Name: __utmb
Value: 101563537.0.10.1603722022
act.myngp.com/ Name: BIGipServerpool_ob_act_myngp_com
Value: !IAKyvIQfWEAgAY2elORt2Gkftlsy/9MW/VP9JVUKAOFxFoakxaMh/7ulhN4uW3S4kOSrBG/h8GwQji2uBe6J1CViwsmLrIGHy05CaYgPA8aiN/VrDPBSiTYdjSNl1rKWD5EC/jnVWC+k6gCAgGVNak9uJEPx4mo=
act.myngp.com/ Name: ASP.NET_SessionId
Value: 0zfwwybrwa34xg1yrmhu3vc4

10 Console Messages

Source Level URL
Text
console-api warning URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1)
Message:
AI: CannotSerializeObjectNonSerializable message:"Attempting to serialize an object which does not implement ISerializable" props:"{name:message}"
console-api warning URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1)
Message:
AI: TelemetryInitializerFailed message:"One of telemetry initializers failed, telemetry item will not be sent: TypeError" props:"{exception:[object Error]{ stack: 'TypeError: Cannot read property 'indexOf' of undefined\n at https://az416426.vo.msecnd.net/scripts/a/ai.0.js:1:69868\n at e._track (https://az416426.vo.msecnd.net/scripts/a/ai.0.js:1:70553)\n at e.track (https://az416426.vo.msecnd.net/scripts/a/ai.0.js:1:69327)\n at Object.o.trackDependencyData (https://az416426.vo.msecnd.net/scripts/a/ai.0.js:1:85066)\n at i (https://d3rse9xjbp8270.cloudfront.net/at.js:15:23573)\n at HTMLScriptElement.a.readyState.a.onload (https://d3rse9xjbp8270.cloudfront.net/at.js:15:23978)', message: 'Cannot read property 'indexOf' of undefined', name: 'TypeError'}"
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Downloading (4109543846649857792): 417.194091796875 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Processing (4109543846649857792): 356.294189453125 ms
console-api warning URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Deprecation warning: moment().add(period, number) is deprecated. Please use moment().add(number, period).
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Render (4109543846649857792): 84.558837890625 ms
console-api warning URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1)
Message:
AI: CannotSerializeObjectNonSerializable message:"Attempting to serialize an object which does not implement ISerializable" props:"{name:name}"
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Fill (4109543846649857792): 8.6318359375 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Form (4109543846649857792): 1169.923828125 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Total: 1254.827880859375 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.myngp.com
az416426.vo.msecnd.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
formdefs.s3.amazonaws.com
js2.verygoodvault.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
2600:9000:20d7:a600:14:79be:a380:93a1
2600:9000:20eb:9600:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:809::200e
2a00:1450:4001:81b::2008
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9b
45.60.33.183
51.140.6.23
52.216.147.124
65.9.23.21
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
27b77d036dac5752b77a119aefb43668b499ea6ab58a881cab3fe11b2c9bdbb6
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
3640790896e1e02b28458ca856ec1009e6c9e5b5d4331333f5d216e70cd9aed2
38fc8274bd57cfec2853cc8dad294fc4f02ac16d7a8016e7157409dbc2a23312
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4adc550c41f0c01cd8d62afd3eb13e3b0cbdaffc08e79784bd42470b004b2d6a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61adbd179c78a11cb84a341f613a33d0fc6cf3b370c489f48bfdb1df67db96f8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d1417b2f2fbc64d0df65908d0a6a70c8cf00f18809a55fc90547673ed0991b5
7f76d154e94fbdd849b4b256fc70aeb5e0f30ccb70025dec53b6748490c8839d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
a078118abe95eccf2e588ecc78ea28d61669815f64d53f1f4964a9aca8a36860
ad6db6aac71469960bd005df1616fb95f11906bc2fb0c64e7c348026cb8e1d66
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
be1aa6f249c3d87f6cab908c30ff90f6519c4858f24ab4ad94cce1e0083f8d65
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40bb3a414ddf430b8a4c8e0ca237d959056de01c3b45226fbbc4f80f3e171c0
e7c9a0742c7ef8aeb57d04bfbed7e20fa839d09356ccad0baa96c9b4f48e96bb
e83dfb93fa54757ddf18fc003b152cb4b5cab5f10054cc3315b9d0c8a7ad06e7
f4d829eb071f3a5014ebe007af1768a283746111848f27ff763c60ee595f9392
f7a2fe21142b2cc05ed28f766802f9f3b248427ecb3dd88543f7e51420e591df
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc