www.northerncu.com/
301 Moved Permanently 167 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET / HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 30 Jan 2023 17:29:45 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.northerncu.com/
X-Cache: Redirect from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lVSd86e737aMR0jUlc3z_6kFm1HSeHLotheFnVS2lr1ucyINDxOJRw==
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3099
Expires: Mon, 30 Jan 2023 18:21:24 GMT
Date: Mon, 30 Jan 2023 17:29:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2508
Expires: Mon, 30 Jan 2023 18:11:33 GMT
Date: Mon, 30 Jan 2023 17:29:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:43:12 GMT
content-type: application/json
age: 2793
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4918
Expires: Mon, 30 Jan 2023 18:51:43 GMT
Date: Mon, 30 Jan 2023 17:29:45 GMT
Connection: keep-alive
status.thawte.com/
200 OK 471 B IP
Hash 5fbb29dd4872170c1c516f19418ffc54
938a0d74970e0a0cbee7b8b3f54142ecadc42534
ec129f5e9496f9f063a427776a00253c58400e203774f0c011c019beb15ca7dd
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:45 GMT
Server: ECS (amb/6B73)
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kuFQA3n/Cxb1oJU+wJ4CGUsH3GBau3minFX89+bnhnQygU/u7cDk1hANS/dTXXo2bWZiYYDyM7g=
x-amz-request-id: XV7KAS1AAN8G5MGB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:50:48 GMT
age: 2337
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:29:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 2442
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16782
Expires: Mon, 30 Jan 2023 22:09:28 GMT
Date: Mon, 30 Jan 2023 17:29:46 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f6OTSpgCuMXYwtK3EomP2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3RR+3CXFN29PVZaSNDVX00rHaJA=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:29:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 70658
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 23:25:02 GMT
age: 65085
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 70381
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 70149
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 70599
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 70466
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.northerncu.com/assets/js/open-social-media-new-tab.js
200 OK 757 B URL HTTP/2 www.northerncu.com/assets/js/open-social-media-new-tab.js
IP
File type ASCII text, with CRLF line terminators
Hash dba833c93e0ee9ef0c2e665bce027c5e
bc66ac4acf07556c214b11842a3f9a355e643988
7ad706f673cb310dd7aa097ccaeed74a2bd97909fb42b8edb67e4662c85863c9
GET /assets/js/open-social-media-new-tab.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 757
last-modified: Tue, 24 May 2022 21:29:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
date: Mon, 30 Jan 2023 17:24:21 GMT
etag: "628d4e3b-2f5"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: axUBgWxsSvbKb0M1hWT0OQRwGkRRpkZhMhjv9bEgxi_I_oebByplaQ==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-collapsible-container.js
200 OK 995 B URL HTTP/2 www.northerncu.com/global-styles/js/c1-collapsible-container.js
IP
Hash ed336c76c7490eb7bffa3714b3522f1d
ad5286f3f8364d4705cdcb615fb26b0a9d182339
85a288d366b3335edd014a5281f1488ba7a284cbb71c4c8f4bd2ff0a02d15829
GET /global-styles/js/c1-collapsible-container.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 995
last-modified: Wed, 10 Aug 2022 05:22:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
date: Mon, 30 Jan 2023 17:24:21 GMT
etag: "62f34084-3e3"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oql777b4kn0u9hlfrbAg8nscvuG0yEAvlK9X64fYDrDD2vzzKa0udA==
age: 328
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5LMBKM
200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5LMBKM
IP
File type ASCII text, with very long lines (4891)
Hash ac7d21501347434dca5623b329861e61
f9f5c537f12c7d8de2117dc0e07854657313d17a
536a299afd127fcc717410ef4abbc191a021e10d06ebf2e87345f53efe482bc0
GET /gtm.js?id=GTM-5LMBKM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:29:49 GMT
expires: Mon, 30 Jan 2023 17:29:49 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northerncu.com/global-styles/js/iframeResizer.js
200 OK 50 kB URL HTTP/2 www.northerncu.com/global-styles/js/iframeResizer.js
IP
File type ASCII text, with very long lines (13787)
Hash 4395b3660f6d58285d67f367734669fc
22423176f8bab203ede2f188fa4148d4b7945291
a16746bf366f3457a3352ac4ace2f59f34ec1e012e6dc330066e6652058ea303
GET /global-styles/js/iframeResizer.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 27 Apr 2022 18:07:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"6269864d-3723"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lPKsBIC0a0-ZxpmzyzOaw4WCD2wnVQNyvJ_EL6zU6FOYDechPH7GAw==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/assets/fonts/Aller_Typo/aller_typo_bold.ttf
200 OK 83 kB URL HTTP/2 www.northerncu.com/assets/fonts/Aller_Typo/aller_typo_bold.ttf
IP
File type TrueType Font data, 19 tables, 1st "FFTM", 21 names, Microsoft, language 0x409, Copyright \251 2010 Dalton Maag Ltd. All rights reserved. This font may not be altered in any wa\012- data
Hash d92ae94b2f1386e91e0d954bb47f203a
eb4ecbfc1c2279dd614c45f82a135c3570aa5e8b
593a16f974e5c64067ff03d2af87c5da0ca5f668d6970753c1695d0b1b6c4699
GET /assets/fonts/Aller_Typo/aller_typo_bold.ttf HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/styles/brand.min.css
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 82652
date: Mon, 30 Jan 2023 17:24:22 GMT
last-modified: Mon, 04 Oct 2021 22:05:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "615b7a91-142dc"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hx9GNHviVnYW78kS_Ko0fNrj3z4JYMOtu0pTkX6K5yzmVwMX8eQPFw==
age: 327
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-javascript-component.js
200 OK 105 kB URL HTTP/2 www.northerncu.com/global-styles/js/c1-javascript-component.js
IP
Size 105 kB (105199 bytes)
Hash d96089883bafb580418bf22d7bb728df
352b2286f4027e96d2157da205d661cb1e966551
32617a490022e384b81ce32bef674dfc30a231456be449c840f49ff3f051eecc
GET /global-styles/js/c1-javascript-component.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 21 Sep 2022 19:35:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"632b678a-5a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XsJSF5EWZq06C4RVHOyhOeI8SURNSv8bCWF5Wc-6opKs5VMhi4_JOQ==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/vendors/slick/slick.js
200 OK 16 kB URL HTTP/2 www.northerncu.com/global-styles/vendors/slick/slick.js
IP
Hash 203b3588222dbf81a356b61a758b381f
3083518a1a8ed2afbe5353873e23cd4e8543d0e5
8ffea2af20eae6edfc7fab8859b67d496fbb8e9aacccc7132076a18148779811
GET /global-styles/vendors/slick/slick.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 11 Aug 2021 21:54:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"6114471b-15b7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aIDvKowMjvatEzgGoQk7gHv8y1YXjlpJQKknXrkPayWroTmSNyUGbw==
age: 328
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 76364d9d219b55da5f0cbf1f6dbf3dbb
de1987c5d5d3bb0bea7854ebf14ec4e65f919647
4442861f7c6ad54330f146bcb2faae328b4eb7a55b9e39c8d86c3cefadba0bf6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 17:29:49 GMT
Etag: "63d4b034-1d7"
Last-Modified: Mon, 30 Jan 2023 16:11:17 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FMEEgY50fh__WNPt-3X2VmQma3u91UjQgb6RbK8LZ-zGSNYn5dUYvQ==
Age: 4712
www.northerncu.com/assets/img/images/Blueflag.png
200 OK 17 kB URL HTTP/2 www.northerncu.com/assets/img/images/Blueflag.png
IP
File type PNG image data, 95 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash 67213be360b02024eaf762308a3be5bc
ac85b5366efca08ec398041558c8e139f9e79db4
e7575a729ea8342ff680f2464461759b5a6ac0622e72fe2061de70bd434b5d6a
GET /assets/img/images/Blueflag.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 17302
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556a9f-4396"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _8WG8ibjMlAdI9VSYvlQu0adPKkbdrWHp4AGuY8h5h5Qw-2ZAPUNUw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9fac0f48aede4059968802dc1a770c5d
6e4e1597f350da2ad29e936626272b213231a132
c000366db3e6010d1c82c2e16ea4f830242c8ef6a361003d7a9953867f8d8242
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 17:29:50 GMT
Last-Modified: Mon, 30 Jan 2023 16:14:42 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iT25qlI1BntYubyrHc3vM68cOKuW3tDnhkXZGHQDy3_VKmGPYnYoDA==
Age: 4508
www.northerncu.com/assets/img/images/Instagramicon.png
200 OK 1.2 kB URL HTTP/2 www.northerncu.com/assets/img/images/Instagramicon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash ad6b1fd56412ffa8d2c944d4f8419564
b502baa559b8cc30d27c919583aba0303de194a9
be793fa07a9a81be4af2c758fceba474d61386702274200445ff5bb869603b2d
GET /assets/img/images/Instagramicon.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1249
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aa8-4e1"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4HFZ88ZVp9pZ7rzTYiy7kw7MqMS2HnMc4IHF3TCitQbB7_01cRaXuA==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Carousel_Qtrade.jpg
200 OK 47 kB URL HTTP/2 www.northerncu.com/assets/img/images/Carousel_Qtrade.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x413, components 3\012- data
Hash 8ffcf44a39af348b2c16bfc7b4f23158
7263a5a4111d5d3104ee23beed274ecc5953e88f
a4b567dfca5c8acecd4da3e6e707a5dd3e45729abda4d9b02c3bffa5ea29ace6
GET /assets/img/images/Carousel_Qtrade.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 47010
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Fri, 14 Oct 2022 19:05:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "6349b2e8-b7a2"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TVYfRV6yHtkw37LsRobRkbJPJgErIwdWa0lBfbQzvMUJWhYvgy4ftw==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/icons/Icon_Mobile_App.svg
200 OK 946 B URL HTTP/2 www.northerncu.com/assets/img/icons/Icon_Mobile_App.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (946), with no line terminators
Hash 965883518fb4046b8e57df20aeafcd91
8687bf2e74a7baba7b858b341e11369178f52a23
4b7c6cc4efc51775c0f14b05ec27d44cca77e97909156c69df6e95865062b749
GET /assets/img/icons/Icon_Mobile_App.svg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 946
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Wed, 13 Oct 2021 12:30:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "6166d164-3b2"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FSLhEzmYHbNGKs0OM7e2r79PLvemofVnMor6GE7eYkh49vlbJPEfsA==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/FBicon.png
200 OK 945 B URL HTTP/2 www.northerncu.com/assets/img/images/FBicon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d4c82aa55fed38cd330415e110d7cece
9973301c343524d011f73fafe9704c800bcbe6f6
ee9cb96a8926b989f49027ca35f71cdce484c1d963229fb4c27703e5ff4c6ed9
GET /assets/img/images/FBicon.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 945
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:29 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aa1-3b1"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59-00lphMfaIo1OWZE2GO8wRp-s4cvEjAp5Q3rHehxzhpcT5BGUGKg==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/LinkedInicon.png
200 OK 1.0 kB URL HTTP/2 www.northerncu.com/assets/img/images/LinkedInicon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 566756c7fe08032732469da4db934f20
7c7764db74737b64bf15bd34bd9bb5465b0f657e
08a8f59ee653d3736d9952ccadece76c6913f60c721727ff26f38816a512c66d
GET /assets/img/images/LinkedInicon.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1025
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aa8-401"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xbc7RvoqqX4vtTDClrioZbB5xqMlbhRzrqpSKdXdZ9Vivj9cfqhloQ==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Icon_ATM_Network.svg
200 OK 905 B URL HTTP/2 www.northerncu.com/assets/img/images/Icon_ATM_Network.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (905), with no line terminators
Hash 41498ecaa0faa3f7aedd379b117b8c3f
0f023ead5a9eac1da4d392125c30a01ee80166d2
cbdf2e337cd2ecf1973616393f700b0bf89c83c05a5d66b0e56e873e6091be1f
GET /assets/img/images/Icon_ATM_Network.svg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 905
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Wed, 13 Oct 2021 12:32:47 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "6166d1ef-389"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Lwu_srW2aoikk7H4hGIzZabXzeiWtSv1QAuq1jFYHxPk0tVzSlPy3w==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Carousel_MeetTheTeam.jpg
200 OK 55 kB URL HTTP/2 www.northerncu.com/assets/img/images/Carousel_MeetTheTeam.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 640x413, components 3\012- data
Hash 1a7423ae29722f64bda833dbddcf826e
da6589b8c6e203ab28bf3781283d80531845d0d1
0e5454309f3c1a5e00da396caad8a60ee6123363e41253d663e2f01944995800
GET /assets/img/images/Carousel_MeetTheTeam.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54970
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 26 Jan 2023 14:33:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "63d28f40-d6ba"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mgOfMzFstJtYi68pljTJ5kW-lXDroPa5My8j8o-hhZyeC3eMRNO3Xw==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Carousel_Aura.jpg
200 OK 60 kB URL HTTP/2 www.northerncu.com/assets/img/images/Carousel_Aura.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 640x413, components 3\012- data
Hash 716dad0195f6f6ee78295ec8a4b7360d
d422c34c13a1a6022c7995638e54ef94c3aa942f
2bb65a294f19e60e90adbcfc2f8a09e6a70b54bc35809ce4aa671a351954a7aa
GET /assets/img/images/Carousel_Aura.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60070
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Tue, 03 May 2022 19:58:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "62718980-eaa6"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XNqHefghZIkbPBgH8sChMnFujaZ_OWjMcXIlg8KtgTvQpj3-wrs6zQ==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Twittericon.png
200 OK 1.1 kB URL HTTP/2 www.northerncu.com/assets/img/images/Twittericon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash a52df178c25bd6fa9ffb4965c2e8ac6e
022b1d0a16e0f87cf155718774c59fa6bafc555a
b3290b01483a461bd89b51efa2dc6e028f71ab35a9c5bd0436ce64bbd3b72486
GET /assets/img/images/Twittericon.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1129
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:39 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aab-469"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hffBDcs5WL2mIgjiRwddwfW13_sKcx98cocfyCbMxb7KVa-h8De89g==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/YouTubeicon.png
200 OK 1.0 kB URL HTTP/2 www.northerncu.com/assets/img/images/YouTubeicon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash c370125d64c26385d7fefdfd91ccf48c
03141ed66d103f85a7d4524cc1ef50366d9696a7
27ba4032fe1d84c4a811cf61dff5d793732f153dec6c195163a487a63e6d902f
GET /assets/img/images/YouTubeicon.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1016
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aad-3f8"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ao3SxlFGP8jSfMxXF0MFVV2x40ZYhZUqtgE9qEdh6hydcdremQDVNg==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/mortgage_carousel_1.jpg
200 OK 62 kB URL HTTP/2 www.northerncu.com/assets/img/images/mortgage_carousel_1.jpg
IP
File type JPEG image data, progressive, precision 8, 307x198, components 3\012- data
Hash 3818da5d40e24bcfae630d7ac11c98d0
7e05454b6bf5dca2523fd8c0e4dc9ab73ae20d1c
61863749981112bb26aedfbb61bbbc879cc2526cb44a9e01d7952c1e52ad6586
GET /assets/img/images/mortgage_carousel_1.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 61951
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Tue, 03 May 2022 18:50:59 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "62717993-f1ff"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oI4s3tLYwrfqxMRydhJKJiCSowx_Y_NdzkGjg8RkU_Igx6mv2mYHxQ==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Carousel_Float-eh.jpg
200 OK 248 kB URL HTTP/2 www.northerncu.com/assets/img/images/Carousel_Float-eh.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x413, components 3\012- data
Size 248 kB (248022 bytes)
Hash b8d44432f2bd2eac18d33dba7e14ece8
8042e9b1cea8c460370291171865e5ac94350d87
7aac06fc40531e7cd51f06a333a2de51ca43382508d33090c2c6761f74005934
GET /assets/img/images/Carousel_Float-eh.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 248022
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Tue, 03 May 2022 18:51:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "62717994-3c8d6"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z7UFLZi6VTQ9zCIANHZGKDWLgQ7vQ3APdvZMA1eg_TsQGAviWa_Lgg==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/NCU-Student-Strong-Bundle-NCU-Carousel.jpg
200 OK 88 kB URL HTTP/2 www.northerncu.com/assets/img/images/NCU-Student-Strong-Bundle-NCU-Carousel.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 307x198, components 3\012- data
Hash c706a5ea4c680451ed60edbab09bf9c6
bf3a5738a13d3314c3d27ff548483f42b28b27fa
b4fa22c90624a9d91a18194d89ed66a2bc13e8af36dce731ca8587bf145f2e3b
GET /assets/img/images/NCU-Student-Strong-Bundle-NCU-Carousel.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 87918
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Wed, 13 Oct 2021 10:49:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "6166b9a7-1576e"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eKETZgqudjyzAddFwg6Sx8_4NtPPxwc_XJNgDglFB5JWJZwb5l829Q==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/js.cookie.js
200 OK 78 kB URL HTTP/2 www.northerncu.com/global-styles/js/js.cookie.js
IP
Hash ab4f6783ed5a939a5c80285def95388d
1ec34c8201965656413045da70c2d01695479005
d6f30907bc9b9944ad904e7904d712c53e551824e430faf14e8ef8cf05f6a2df
GET /global-styles/js/js.cookie.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 11 Aug 2021 09:38:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61139a99-f2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VftMM6C_oC0cW4Xz1ueqReJIqWZyKoBUJdNPmRwW2LEUFlhYm68LoQ==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-cookie-acceptance.js
200 OK 138 kB URL HTTP/2 www.northerncu.com/global-styles/js/c1-cookie-acceptance.js
IP
Size 138 kB (137653 bytes)
Hash 39103ed218d211439771ffa98f1ebcf6
170c1745cbb58a6b9d5e6005f00dfde9b70165a8
ad79c92eaf22ab4e5261f63320154055da784da9ec2d4c18000c720c4fcad876
GET /global-styles/js/c1-cookie-acceptance.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Mon, 08 Aug 2022 18:10:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"62f1517c-aba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FxvzVfDh6HZ4GFCOgAWvxQpVWLcEw3kxUxdK1NBEOvdUzv5dxyNWdA==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Landing_Commercial(1).jpg
200 OK 76 kB URL HTTP/2 www.northerncu.com/assets/img/images/Landing_Commercial(1).jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 307x198, components 3\012- data
Hash 34e0179f257e760a95d8b95bce803b45
dd07dc8d5c63d94ad872e2a7d6a330fb8ee84fc6
c70d8c5ced2177445afd1cbae4abcf3e80ca37a57e0b56ff3db5f4367c69af09
GET /assets/img/images/Landing_Commercial(1).jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 75686
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Tue, 03 May 2022 18:50:59 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "62717993-127a6"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NeQUoodnf1kbpALoxdtnPJB6C-n7zI591Yiak-w8JacOUH9_udC7uw==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/header-c1-basic/hamburger.js
200 OK 169 kB URL HTTP/2 www.northerncu.com/global-styles/js/header-c1-basic/hamburger.js
IP
Size 169 kB (169415 bytes)
Hash 2616abdabe3053e97528727020d865b1
4ab4d6964245d57bcff6d4ce81cdfcfe70e26bc2
0e663d1fead6907a1f1e93151f3a1d385ca56374262278af4e74ae9db333dc2f
GET /global-styles/js/header-c1-basic/hamburger.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:22 GMT
last-modified: Wed, 15 Jun 2022 05:14:50 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"62a96aca-1f96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rVWvVe6U__8x1j_2ehHVoo-apfLe19ZvrHDQ9dWnc2i2N0oLHumhkQ==
age: 327
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/guywithflag2x.png
200 OK 162 kB URL HTTP/2 www.northerncu.com/assets/img/images/guywithflag2x.png
IP
File type PNG image data, 282 x 492, 8-bit/color RGBA, non-interlaced\012- data
Size 162 kB (162353 bytes)
Hash 90c4de4babafbb380b2f3412ed7a39a4
09034b1766f52d00596e5943d87b5420554bf519
6f097abec83681c93135d7e2d1abc60b67689cbad2fbfa0003b295201b91a163
GET /assets/img/images/guywithflag2x.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 162353
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aa4-27a31"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _hEr6RGxr8rd8tzxZBxUTexiFPxhgCDxcyX_OeEfLOh-HpGYx__wxw==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-customer-advisory.js
200 OK 245 kB URL HTTP/2 www.northerncu.com/global-styles/js/c1-customer-advisory.js
IP
Size 245 kB (244789 bytes)
Hash 833d1d0c817a650d82a70b7c24b49a06
47c26ea2dc7eb2afa8c284feef5b0f03789e1292
fe60305fc42473e969e365a5af81b1147b787d694e2ec5a46e75fde0ad75c115
GET /global-styles/js/c1-customer-advisory.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Thu, 27 Jan 2022 22:24:49 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61f31bb1-3536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lNoyAPhENkdgRYVufm7YUU0vOkec5Qi9Y_RPAX7WVRASbMtlUmpiMA==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/vendors/bootstrap/css/bootstrap.min.css
200 OK 173 kB URL HTTP/2 www.northerncu.com/global-styles/vendors/bootstrap/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65271)
Size 173 kB (173281 bytes)
Hash 418ebbd55e959b7acf231b57a8d1a7b0
e6b636f659a506816a74883e24e11267cf231cca
d2044bc551441c075c9e98233ee03404d7e5a724da828381ee50df58307040ad
GET /global-styles/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 10 Nov 2021 14:30:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"618bd79d-1dabb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BM-MJq2Ksxg2-ALGf-bSgSJ49aXluCQl2yjTg-C_xAzj1yJ6R-vkSQ==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/9%20Creative%20Ways%20to%20Save.jpg
200 OK 162 kB URL HTTP/2 www.northerncu.com/assets/img/images/9%20Creative%20Ways%20to%20Save.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Choreograph], baseline, precision 8, 896x450, components 3\012- data
Size 162 kB (162415 bytes)
Hash 8985915cee7c7795724dfd3f7e3cc246
48bfadd63b05f046f9163acb46c6af2255a121a4
ffd2043b7d454e72d4b52a5ec9bf9983ce555e82b534f7a1d782141635869784
GET /assets/img/images/9%20Creative%20Ways%20to%20Save.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 162415
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556aaf-27a6f"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: chdDAdtekRWGNi7lA-6VU2EnV9oi1-HGzOuYm8FoP9CyO8jKZPHQFw==
X-Firefox-Spdy: h2
activedemand-static.s3.amazonaws.com/public/javascript/jquery.tracker.compiled.js.gz
200 OK 134 kB URL HTTP/1.1 activedemand-static.s3.amazonaws.com/public/javascript/jquery.tracker.compiled.js.gz
IP
File type ASCII text, with very long lines (32018), with CRLF line terminators
Size 134 kB (134439 bytes)
Hash 41a1027538d3d4c920d84735f8632bf8
1af0c92bacb132b2dca999ce36a21c492babec45
f9bc36f6da9ec48eca9d5d0bfbd239979bea14d5841fe4c1e53b9e426657e939
GET /public/javascript/jquery.tracker.compiled.js.gz HTTP/1.1
Host: activedemand-static.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pyZMDdqoC8GyNQkFdHjhBFJYVk0EhbYYVM+NnxUSeMh4PCbr99gDWwUJtvjkn58JTirJNxksAFj0K+nGXAfhdg==
x-amz-request-id: KPGZ9PP34Y4AES88
Date: Mon, 30 Jan 2023 17:29:51 GMT
Last-Modified: Thu, 14 Jun 2018 16:06:45 GMT
ETag: "41a1027538d3d4c920d84735f8632bf8"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 134439
www.northerncu.com/assets/img/images/Can%20Refinancing%20Your%20Mortgage%20Save%20You%20Money.jpg
200 OK 314 kB URL HTTP/2 www.northerncu.com/assets/img/images/Can%20Refinancing%20Your%20Mortgage%20Save%20You%20Money.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 896x450, components 3\012- data
Size 314 kB (314350 bytes)
Hash 583f31c0f85558955cac0857395c113b
0fa97b676c87d97a6850982aff93c634a95a00ce
7672caf70066b7b68d95709306959d1ffda62ff6c0c61dce002de871db713ce8
GET /assets/img/images/Can%20Refinancing%20Your%20Mortgage%20Save%20You%20Money.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 314350
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:43:51 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "61556ab7-4cbee"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vau2VJLf4U5UWrIZYkXvXO8D3oeE9JSKkzfzNhA60wvR3X46v-zKXQ==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Carousel_Testimonial.jpg
200 OK 290 kB URL HTTP/2 www.northerncu.com/assets/img/images/Carousel_Testimonial.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x413, components 3\012- data
Size 290 kB (289908 bytes)
Hash 44840ad78ace3d4b06238e650fa0e903
18c48d303f17010ee339cc1b8bca5913e8c0fbd6
15b993618d87467eb00205ab44c3cc038803b602e9cab1916f6b1262f416a88f
GET /assets/img/images/Carousel_Testimonial.jpg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 289908
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Tue, 03 May 2022 18:51:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "62717994-46c74"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6dQBrAxNTnJ0ODEbEx1zwpuiGy-vSDcQGwTcVn51p6olhMEll1FcGw==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Sticker_Coconut.png
200 OK 334 kB URL HTTP/2 www.northerncu.com/assets/img/images/Sticker_Coconut.png
IP
File type PNG image data, 901 x 901, 8-bit/color RGBA, non-interlaced\012- data
Size 334 kB (333657 bytes)
Hash 97484d40bda2a626617d149021db5163
25237dde512875dce3a4b4db83eeaccc16cb5b10
44bd7657fc6f47d355d6ee4304de2e0553d5b18611a572c369fedba9820e6da3
GET /assets/img/images/Sticker_Coconut.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 333657
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Mon, 09 May 2022 04:37:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "62789aa5-51759"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jGX3RgVDmECtcin-4xyrN9eexzJsBH6tWI0dJ4vVzDZuT3qd4jTDMw==
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/LiveChat.svg
200 OK 5.1 kB URL HTTP/2 www.northerncu.com/assets/img/images/LiveChat.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2069), with no line terminators
Hash efb95348b4c2a06576f7172bd5b26349
132bac51cd1ca2fcef040eed56cc07b3160e31e5
f53a97c315433244519d8c4fe96a3e54304521dabc02ac95db482358c7d8d98f
GET /assets/img/images/LiveChat.svg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Thu, 30 Sep 2021 07:44:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61556af5-815"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FV97i1HE40PovO29MJcxWYTcSr0lOWeSrEvcq1lMsfbMEUh9dkZG2Q==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/vendors/slick/fonts/slick.woff
200 OK 1.4 kB URL HTTP/2 www.northerncu.com/global-styles/vendors/slick/fonts/slick.woff
IP
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
GET /global-styles/vendors/slick/fonts/slick.woff HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.northerncu.com/global-styles/theme.min.css
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971; _ga_RWH47R6SDJ=GS1.1.1675099802.1.0.1675099802.60.0.0; _ga=GA1.1.391586046.1675099803
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff
content-length: 1380
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Wed, 11 Aug 2021 21:54:35 GMT
etag: "6114471b-564"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k5VhpD4En_Q--S9NNWUkY7nwucy4P29k7xivN5eRHWzKiNubEtRwmQ==
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-RWH47R6SDJ>m=2oe1p0&_p=2109049619&_gaz=1&cid=391586046.1675099803&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099802&sct=1&seg=0&dl=https%3A%2F%2Fwww.northerncu.com%2F&dt=True%20North%20Strong%20%7C%20Northern%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-RWH47R6SDJ>m=2oe1p0&_p=2109049619&_gaz=1&cid=391586046.1675099803&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099802&sct=1&seg=0&dl=https%3A%2F%2Fwww.northerncu.com%2F&dt=True%20North%20Strong%20%7C%20Northern%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RWH47R6SDJ>m=2oe1p0&_p=2109049619&_gaz=1&cid=391586046.1675099803&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099802&sct=1&seg=0&dl=https%3A%2F%2Fwww.northerncu.com%2F&dt=True%20North%20Strong%20%7C%20Northern%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.northerncu.com
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.northerncu.com
date: Mon, 30 Jan 2023 17:29:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=47942
date: Mon, 30 Jan 2023 17:29:50 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 15:45:20 GMT
expires: Mon, 30 Jan 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 6270
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/header-c1-basic/quick-search.js
200 OK 968 B URL HTTP/2 www.northerncu.com/global-styles/js/header-c1-basic/quick-search.js
IP
Hash 7a5afefd284889ed15c1fceb87216124
494339b21ab36003c71d6137e3a147442ff1c7d5
c8dab803be29447d7971a9e6f3f4a596da9c9d042932bcfba29ebf9939853783
GET /global-styles/js/header-c1-basic/quick-search.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:22 GMT
last-modified: Tue, 31 May 2022 04:45:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"62959d84-624"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GIFJ9jZRa65UJxXMg5-2D1nU7B9pE0e6MWCIJG4mGDQSOXOs_uGL3A==
age: 327
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-RWH47R6SDJ&cid=391586046.1675099803>m=2oe1p0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-RWH47R6SDJ&cid=391586046.1675099803>m=2oe1p0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RWH47R6SDJ&cid=391586046.1675099803>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.northerncu.com
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.northerncu.com
date: Mon, 30 Jan 2023 17:29:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:50 GMT
Last-Modified: Mon, 30 Jan 2023 15:50:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RWH47R6SDJ&cid=391586046.1675099803>m=2oe1p0&aip=1&z=1685337345
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RWH47R6SDJ&cid=391586046.1675099803>m=2oe1p0&aip=1&z=1685337345
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RWH47R6SDJ&cid=391586046.1675099803>m=2oe1p0&aip=1&z=1685337345 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:29:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northerncu.com/assets/img/images/Icon_Telephone_Banking.svg
200 OK 28 kB URL HTTP/2 www.northerncu.com/assets/img/images/Icon_Telephone_Banking.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1074), with no line terminators
Hash b6b0dc87830d32dab76c0d6ae5edff9a
16ef559c2d1b24c52d5cf7e8ae3e5d78ccb07439
3794c4effee370592d76c5818f8717ded72492532e755db10e5a66b19a957bfd
GET /assets/img/images/Icon_Telephone_Banking.svg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 30 Jan 2023 17:29:49 GMT
last-modified: Wed, 13 Oct 2021 12:33:59 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"6166d237-432"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FbH46Tjf5X3vFYOBMGVwmMbCzIZONmEa6jDeBFwjRIIkDlmVThIoSQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:50 GMT
Last-Modified: Mon, 30 Jan 2023 15:50:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
200 OK 61 kB URL HTTP/2 plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
IP
Hash 922567bb049970d0ad88e5765ac07abe
5c1c91558e8c5db38c73fdb9ff3fed2b3fedc785
d284b27e9dac0739a83d1f92e0655c47bc8a03b59577e282e3b381ad5d7eaf21
GET /c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js HTTP/1.1
Host: plugins.central1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 01 Jun 2022 06:15:55 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:49 GMT
etag: W/"9a60a63b37579bfb1eb0d0db78a3fbcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sUiKfw9q5eJnYhsqgeC2D1Jm5BtWVMoH0VCEkMLIJlz7WkMgwhIxOw==
age: 327
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-carousel.js
200 OK 56 kB URL HTTP/2 www.northerncu.com/global-styles/js/c1-carousel.js
IP
Hash d45c51edc14d723149917e0bb244b958
634492c1717d3d54bdbf6f4b8f7234bf6bfe5cbc
8b2429e3a7b6e1422000b9db196a30a68fb2a7679e8a8e97fef2a3994da8044a
GET /global-styles/js/c1-carousel.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 11 Aug 2021 21:52:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61144690-7fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uioqo2J4q3zoHenmrJ2mpHp_ZrhNM6uD-DlH-ffjIW2-RQmQMGazCQ==
age: 328
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ae1d7743a993204bc23a8ccd68cee380
4efe9d19bcb5792e8a944ff45135942fc43b368b
c5d40170e1044ba3e7f45ee1091f205286c3e17d882f9601b5b29673c44bfbfa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158426
Date: Mon, 30 Jan 2023 17:29:50 GMT
Etag: "63d7b006-1d7"
Expires: Wed, 01 Feb 2023 13:30:16 GMT
Last-Modified: Mon, 30 Jan 2023 11:54:46 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jLyZTVfwv-QpqAawD6Q529DfWo8_urJk0veF7BHu-4MkwhOGNVg8Vw==
Age: 5731
www.northerncu.com/assets/favicon.png
200 OK 485 B URL HTTP/2 www.northerncu.com/assets/favicon.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c20be6163df1ff47cf28974d46570e61
7915281da9297b7e7d9571ff36c44568cf2efd04
e7372ceeee47cc57658368e934a58e2aa852cbd09d1b3ac5c3467d7f13e35517
GET /assets/favicon.png HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971; _ga_RWH47R6SDJ=GS1.1.1675099802.1.0.1675099802.60.0.0; _ga=GA1.1.391586046.1675099803; activedemand_session_guid=a0d7199a-3c2b-88d2-99803584-6b27-e966fbb1ca88
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 485
date: Mon, 30 Jan 2023 17:29:50 GMT
last-modified: Tue, 03 May 2022 06:55:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
etag: "6270d1d7-1e5"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QCCGEeU0q4-4Ou7qy2h4bRrTfpETxEt58bdSLJwPtb_b6c_H_lT0zQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68090688-1&cid=391586046.1675099803&jid=169647124&_u=YCDAiAABBAAAAE~&z=451813547
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68090688-1&cid=391586046.1675099803&jid=169647124&_u=YCDAiAABBAAAAE~&z=451813547
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68090688-1&cid=391586046.1675099803&jid=169647124&_u=YCDAiAABBAAAAE~&z=451813547 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:29:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47541034-2&cid=391586046.1675099803&jid=1035926209&_u=YCDAiAABBAAAAE~&z=1647917429
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47541034-2&cid=391586046.1675099803&jid=1035926209&_u=YCDAiAABBAAAAE~&z=1647917429
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47541034-2&cid=391586046.1675099803&jid=1035926209&_u=YCDAiAABBAAAAE~&z=1647917429 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:29:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c4fa47bfaac536a9d3568bccb6f0152f
c99fc55555d04f2ecfdd872a309f6ef0ace2567f
7b6cf541a91d07ccc01a6439a2d96dff550777cee54f33511d39e261e4be8f7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165284
Date: Mon, 30 Jan 2023 17:29:51 GMT
Etag: "63d7e133-1d7"
Expires: Wed, 01 Feb 2023 15:24:35 GMT
Last-Modified: Mon, 30 Jan 2023 15:24:35 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dgmdaggXmbphtmK3ybkChOfd-BeORkKEsRiB64ENqCLRoZH5UYgfqg==
collection.activedemand.com/submit/visit.js?js%5Bparams%5D=document.title%3DTrue%2520North%2520Strong%2520%257C%2520Northern%2520Credit%2520Union%26document.referrer%3D%26document.URL%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26document.location.host%3Dwww.northerncu.com%26document.location.hostname%3Dwww.northerncu.com%26document.location.href%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26navigator.language%3Den-US%26navigator.platform%3DLinux%2520x86_64%26navigator.userAgent%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0%26window.width%3D1268%26browser%3Dmozilla%26&js%5Bsession%5D=a0d7199a-3c2b-88d2-99803584-6b27-e966fbb1ca88&js%5Beguid%5D=&callback=jQuery1123024856009345477548_1675099803521&_=1675099803522
200 OK 441 B URL HTTP/1.1 collection.activedemand.com/submit/visit.js?js%5Bparams%5D=document.title%3DTrue%2520North%2520Strong%2520%257C%2520Northern%2520Credit%2520Union%26document.referrer%3D%26document.URL%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26document.location.host%3Dwww.northerncu.com%26document.location.hostname%3Dwww.northerncu.com%26document.location.href%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26navigator.language%3Den-US%26navigator.platform%3DLinux%2520x86_64%26navigator.userAgent%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0%26window.width%3D1268%26browser%3Dmozilla%26&js%5Bsession%5D=a0d7199a-3c2b-88d2-99803584-6b27-e966fbb1ca88&js%5Beguid%5D=&callback=jQuery1123024856009345477548_1675099803521&_=1675099803522
IP
Hash 2d14efffc9abb1effc59d32b61b1baa0
c312f58cc7ef5d52c3884d71a81f2fb3982a44c7
0e97c3e0abe7ea547d1f886f9eee501efdbc6bae0f98028d3e27b2a907c54b29
GET /submit/visit.js?js%5Bparams%5D=document.title%3DTrue%2520North%2520Strong%2520%257C%2520Northern%2520Credit%2520Union%26document.referrer%3D%26document.URL%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26document.location.host%3Dwww.northerncu.com%26document.location.hostname%3Dwww.northerncu.com%26document.location.href%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26navigator.language%3Den-US%26navigator.platform%3DLinux%2520x86_64%26navigator.userAgent%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0%26window.width%3D1268%26browser%3Dmozilla%26&js%5Bsession%5D=a0d7199a-3c2b-88d2-99803584-6b27-e966fbb1ca88&js%5Beguid%5D=&callback=jQuery1123024856009345477548_1675099803521&_=1675099803522 HTTP/1.1
Host: collection.activedemand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 30 Jan 2023 17:29:51 GMT
Server: Apache
Cache-Control: max-age=0, private, must-revalidate
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
WWW-Authenticate: NoAuthRequired
X-Request-Id: f46a5a7e-2a5b-4e74-875c-1369834cef63
X-Download-Options: noopen
X-Runtime: 0.157090
X-Content-Type-Options: nosniff
Set-Cookie: session_uid=ImEwZDcxOTlhLTNjMmItODhkMi05OTgwMzU4NC02YjI3LWU5NjZmYmIxY2E4OCI%3D--f21e0295a251ac44b1c682b99500acb43e64adca; domain=.activedemand.com; path=/; expires=Fri, 30 Jan 2043 17:29:50 GMT
_ad_session=05b2a277a59c039c875194f85fe8f8ff; path=/; HttpOnly; secure
ETag: W/"0e97c3e0abe7ea547d1f886f9eee501e"
Status: 200 OK
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rHOYT7KKPd_sR9FnaBphHHxv30Q5rLbEn4m1PYrA_86MMKg4l2aDNA==
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:29:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D358090%26time%3D1675099803633%26url%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIwfyuUd_DwWgAAAYYDul8gXs_i9HNtA3-isTXoTifVH2i966E_71d12v_lWnrzq1KWKOexv28oDA; Max-Age=2592000; Expires=Wed, 01 Mar 2023 17:29:51 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQL_9kyQ7fcFMAAAAYYDul8g76ozLcqPcOdpggvo2dPuVRgZcoQLKxVrm9bioqD_myyeZy8py0v_nyLuuol5Dg; Max-Age=2592000; Expires=Wed, 01 Mar 2023 17:29:51 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&7d0d9cba-ebde-4ac7-8d73-1b90c58de09d"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 17:29:51 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675099791:t=1675186191:v=2:sig=AQFDHEaKmLUSZH2nZudeIgNm5AfVe-94"; Expires=Tue, 31 Jan 2023 17:29:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzfpADXF11YrQrCiXwZA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 752AF823F3A04A12AD1C961911A1BF26 Ref B: OSL30EDGE0306 Ref C: 2023-01-30T17:29:51Z
date: Mon, 30 Jan 2023 17:29:51 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1662523120734946&ev=PageView&dl=https%3A%2F%2Fwww.northerncu.com%2F&rl=&if=false&ts=1675099804301&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=28&fbp=fb.1.1675099804300.294174484&it=1675099803735&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1662523120734946&ev=PageView&dl=https%3A%2F%2Fwww.northerncu.com%2F&rl=&if=false&ts=1675099804301&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=28&fbp=fb.1.1675099804300.294174484&it=1675099803735&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1662523120734946&ev=PageView&dl=https%3A%2F%2Fwww.northerncu.com%2F&rl=&if=false&ts=1675099804301&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=28&fbp=fb.1.1675099804300.294174484&it=1675099803735&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 17:29:51 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D358090%26time%3D1675099803633%26url%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D358090%26time%3D1675099803633%26url%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D358090%26time%3D1675099803633%26url%3Dhttps%253A%252F%252Fwww.northerncu.com%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.northerncu.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&42187dd6-b7fa-4574-8e4f-60d4f27d9b04"; Domain=.linkedin.com; Expires=Tue, 30-Jan-2024 17:29:51 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230130172951169a24e6-b618-4b91-81bd-61f03bdc68b4AQHle1rjR7N5PcsBM3pU_TTrVdHqQb-u"; Domain=.www.linkedin.com; Expires=Tue, 30-Jan-2024 17:29:51 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUwOTk3OTE7MjswMjGTDGAUCIwy+0recbQcpzyQhOmrc8ea6ycrHcUU0RNBrA==; Domain=.linkedin.com; Expires=Sat, 29 Jul 2023 17:29:51 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2423:u=1:x=1:i=1675099791:t=1675186191:v=2:sig=AQHXp1V_8SA1wsLBz7i2FfJpQR5ltU2Y"; Expires=Tue, 31 Jan 2023 17:29:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzfpAHTL9fLwgyFle56Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B3D3BB2C6C584C3592D15A671A714656 Ref B: OSL30EDGE0306 Ref C: 2023-01-30T17:29:51Z
date: Mon, 30 Jan 2023 17:29:51 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/358090/domain/northerncu.com/token
200 OK 11 kB URL HTTP/2 cdn.linkedin.oribi.io/partner/358090/domain/northerncu.com/token
IP
Hash ac0b3614b16a70a3a6144e3ca843b789
88d06e21e746f109f62db7425050ea752bfeb0eb
2349e38062d4ec5f1e4a3fc78c4c931549a5cb9d86698f4e2adf75a595ae50b2
GET /partner/358090/domain/northerncu.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.northerncu.com
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 16:59:52 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BaJp93-GvPd458FCewdaB1JKCc1c1AzWYQvCTSwm6beGpdaB9FxpTA==
age: 1798
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=358090&time=1675099803633&url=https%3A%2F%2Fwww.northerncu.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.northerncu.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&11b9d139-606f-46b3-8ae4-db9cb04e63be"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 17:29:51 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2423:u=1:x=1:i=1675099791:t=1675186191:v=2:sig=AQHXp1V_8SA1wsLBz7i2FfJpQR5ltU2Y"; Expires=Tue, 31 Jan 2023 17:29:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzfpAKUCd3RiuTFS2O8Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 420EB47393904FFBB10952ABB2A452C9 Ref B: OSL30EDGE0306 Ref C: 2023-01-30T17:29:51Z
date: Mon, 30 Jan 2023 17:29:51 GMT
content-length: 0
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/x-storage/6c1802b/index.html
200 OK 237 B URL HTTP/2 ncu.ficanex.ada.support/embed/x-storage/6c1802b/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93f912ceabb0586748b7b0061a4f94fa
3e276c2801c1483dbe182e402c70030ce75409de
135cc772ab77bf6b4fc8b652097da35bf8feed9c1f60d7a91cc76913c0ad05bd
GET /embed/x-storage/6c1802b/index.html HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 237
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: J25g1A84WNjX6jcPdqZBVqiUiJ4wj4hH
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: "93f912ceabb0586748b7b0061a4f94fa"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 41227
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WYqXHQhe8j000CjOztOFrSEneez6Y6EohKdEs8_MpgJpGTgK13fpZA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 70517
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-moment-timezone.js
200 OK 0 B URL HTTP/2 www.northerncu.com/global-styles/js/c1-moment-timezone.js
IP
GET /global-styles/js/c1-moment-timezone.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 11 Aug 2021 09:38:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61139a99-9c8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SRr5d2XRtOJpqM25r98FOWU2ezrNGWVnrTABKJ2DAN7KkO8Thy7YAQ==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/header-c1-basic/single-col.js
200 OK 0 B URL HTTP/2 www.northerncu.com/global-styles/js/header-c1-basic/single-col.js
IP
GET /global-styles/js/header-c1-basic/single-col.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:22 GMT
last-modified: Mon, 13 Jun 2022 17:37:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"62a775c9-f69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BC1rHUdD17cG07XlcQ3oNLJKAmpXuM8j7wekXDQcG8QcrIacp1P03w==
age: 327
X-Firefox-Spdy: h2
static.ada.support/images/286ca5d2-5311-467a-a5f5-5051ad710db4.svg
200 OK 0 B URL HTTP/2 static.ada.support/images/286ca5d2-5311-467a-a5f5-5051ad710db4.svg
IP
GET /images/286ca5d2-5311-467a-a5f5-5051ad710db4.svg HTTP/1.1
Host: static.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ncu.ficanex.ada.support/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2022 03:05:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y86oXsF_O5xlh1LibNTaGWYKWI2tgVBp
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:39 GMT
etag: W/"821187d993547ae7de56ac1fd3319695"
vary: Accept-Encoding
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
age: 107
content-security-policy: default-src 'none'; media-src https://static.ada.support
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: igEhKqjA54MsJKEgTvZxN7FIlbV7pc5DYbjvOGnAWI1n1xExZz15aA==
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/intro/6c1802b/index.html
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/intro/6c1802b/index.html
IP
GET /embed/intro/6c1802b/index.html HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .SJn6qbOsxhDhD7KYpbfdAqMQhTM_uqS
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"dd6e716ea438b9989e704e43f4a9ea01"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 20680
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TtrayQjjOqAPjt5LyIM2EsKhuu8fw3eJinVqbtUZZ18pt9-s-BkvRg==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-collapsible-content.js
200 OK 0 B URL HTTP/2 www.northerncu.com/global-styles/js/c1-collapsible-content.js
IP
GET /global-styles/js/c1-collapsible-content.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 11 Aug 2021 09:38:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61139a99-48a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 00nQ_If_I32rxc60bMoKZWB13BlD42lWIDAETuwmlage7bEC65XNrQ==
age: 328
X-Firefox-Spdy: h2
static.ada.support/embed2.js
200 OK 0 B URL HTTP/2 static.ada.support/embed2.js
IP
GET /embed2.js HTTP/1.1
Host: static.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Wed, 04 Jan 2023 22:06:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: BsrqbP3U2hb.a17svKLV3bCW0fRkIy.o
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 06:16:55 GMT
cache-control: max-age: 300
etag: W/"318258ae2fd2aaa16faa799f071935d1"
vary: Accept-Encoding
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
age: 40794
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wtmDgTKpe6d0aCM2beOLcAiuVA2kYS_E4LRGUlIhwP7x8iPiLQKKTA==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/jquery-3.2.1.min.js
0 B URL www.northerncu.com/global-styles/js/jquery-3.2.1.min.js
IP
GET /global-styles/js/jquery-3.2.1.min.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
www.northerncu.com/assets/img/images/NorthernLogoREV.svg
200 OK 0 B URL HTTP/2 www.northerncu.com/assets/img/images/NorthernLogoREV.svg
IP
GET /assets/img/images/NorthernLogoREV.svg HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 30 Jan 2023 17:29:49 GMT
last-modified: Thu, 30 Sep 2021 07:44:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61556af5-2eaf"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NpmNgZvH894ythpad2ZB0gNo5nb5XhbYFEmuTiLimvj3iZgxCFET3Q==
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/x-storage/6c1802b/index.js
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/x-storage/6c1802b/index.js
IP
GET /embed/x-storage/6c1802b/index.js HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ncu.ficanex.ada.support/embed/x-storage/6c1802b/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ZKK_BKJN4tpi5zFzUDyobEVO_J4OLwbg
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"34397c4c1da37395e0d2a257d7992872"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 52140
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GwWM63kFh5ykOgEuLJ4iXyS3GLI4Ynq5mbDm2VonF_FRp2cg-cXBzg==
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/intro/6c1802b/preact.99b03a3862df69974b56.js
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/intro/6c1802b/preact.99b03a3862df69974b56.js
IP
GET /embed/intro/6c1802b/preact.99b03a3862df69974b56.js HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ncu.ficanex.ada.support/embed/intro/6c1802b/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: SqXm7nfbDbftVy_zYNvSPq1dQyLvF9V6
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"5a1982e9e3dfc2ecaedfcdd6ba118ba3"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 20680
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MwzxNdvLa0WDwSik_8DPHGBrNAe2NPNJXehjzTTQtYel0_SJgq2XhQ==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-tabbed-layout.js
200 OK 0 B URL HTTP/2 www.northerncu.com/global-styles/js/c1-tabbed-layout.js
IP
GET /global-styles/js/c1-tabbed-layout.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Thu, 03 Feb 2022 19:31:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61fc2d8f-861"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NxSFFd64oqmTmQPH1bpkgyZiORgx4uczmvjz_uPPok8sFWZdHLrDUA==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/theme.min.css
200 OK 0 B URL HTTP/2 www.northerncu.com/global-styles/theme.min.css
IP
GET /global-styles/theme.min.css HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Thu, 10 Nov 2022 00:46:22 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"636c49de-7667b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wJnMTIQi-6K06kcxN3Mn97YZ4caqY3CsuCb1pXPFMWwWIAW6W-A6qg==
age: 328
X-Firefox-Spdy: h2
www.northerncu.com/styles/brand.min.css
200 OK 0 B URL HTTP/2 www.northerncu.com/styles/brand.min.css
IP
GET /styles/brand.min.css HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Thu, 19 Jan 2023 20:44:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"63c9abc8-100f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xo7bAwbsd8C3UHCjuFEIzQexljiyeXNOJt5zVUR9JeQ-LxL7miTatQ==
age: 328
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/button/6c1802b/index.js
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/button/6c1802b/index.js
IP
GET /embed/button/6c1802b/index.js HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ncu.ficanex.ada.support/embed/button/6c1802b/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 0Gu7DB1vF9hp3u8EU5A1onZJETikx23J
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"b2f337dfaad998c56b82303119bcd6b5"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 52140
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bZyzcc4Xsm4ZxrD06GuNOQ1x38xz9BOJL18T7Keb5BOBT_zjPnVBVQ==
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/button/6c1802b/index.html
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/button/6c1802b/index.html
IP
GET /embed/button/6c1802b/index.html HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: HoxdXiNKuy2NYzwABitwrO1o4nspo.RU
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"1bc978ca8d09449bd533ced91e6880dc"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 52391
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WzCBfK-HiYvPWWdAmhERIXVudeAIM_QxJe64xfCu854-Etde9t0Zjw==
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/button/6c1802b/preact.8ab2422822c47580185f.js
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/button/6c1802b/preact.8ab2422822c47580185f.js
IP
GET /embed/button/6c1802b/preact.8ab2422822c47580185f.js HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ncu.ficanex.ada.support/embed/button/6c1802b/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1nYgSWp.kcbhxvXTSywq3D4AYyrt5OeI
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"51cc097b6d58a11a6aa758e72ee39e0a"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 49018
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SptnQJOoN-uxUUGV9NTYlFCe36JmSKUsgqOuC9OEBUHODlQfJzIjcw==
X-Firefox-Spdy: h2
ncu.ficanex.ada.support/embed/x-storage/6c1802b/sentry.b6985341d53aea5af72f.js
200 OK 0 B URL HTTP/2 ncu.ficanex.ada.support/embed/x-storage/6c1802b/sentry.b6985341d53aea5af72f.js
IP
GET /embed/x-storage/6c1802b/sentry.b6985341d53aea5af72f.js HTTP/1.1
Host: ncu.ficanex.ada.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ncu.ficanex.ada.support/embed/x-storage/6c1802b/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 24 Jan 2023 18:16:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: xLV7.yooYkVopCEfI4JGaTqC7qJZElYB
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 17:29:51 GMT
cache-control: 172800
etag: W/"aa693fab6d2dbff1fc92249379687a31"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 41224
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ssMymh4fyT069fO_n67HKR_-WGCQsa7vLIzQMN7pg3zAe14sBoAG8Q==
X-Firefox-Spdy: h2
www.northerncu.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
date: Mon, 30 Jan 2023 17:29:49 GMT
set-cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971; Path=/; HttpOnly
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -OrsIaTOwb8-UFhyA-JIPHSmZI7Rk-FK8qNClMuNSpJbAgZRXOvmEQ==
X-Firefox-Spdy: h2
www.northerncu.com/global-styles/js/c1-moment.js
200 OK 0 B URL HTTP/2 www.northerncu.com/global-styles/js/c1-moment.js
IP
GET /global-styles/js/c1-moment.js HTTP/1.1
Host: www.northerncu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northerncu.com/
Cookie: JSESSIONID=CE381C5F301F8972F325226E0C4C9971
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 17:24:21 GMT
last-modified: Wed, 11 Aug 2021 09:38:34 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google, 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
content-encoding: br
etag: W/"61139a9a-c9df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AhFe5wHbXXESldK5g2xxgOrbRNR_epKjdBSJqJNENxIKy76qcwJGgA==
age: 328
X-Firefox-Spdy: h2
54.230.111.79
93.184.220.29
157.240.205.35
23.36.77.32