Report - 2nu.gs/stash

Report Overview

Submitted URL
2nu.gs/stash
IP
67.199.248.12
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2022-12-01 23:30:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
status.rapidssl.com	6946	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.6 kB	93.184.220.29
d3rr3d0n31t48m.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	54 kB	143.204.55.91
logx.optimizely.com	1233	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	894 B	708 B	54.204.183.102
2nu.gs	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	557 B	67.199.248.12
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	4.5 kB	143.204.55.84
api.amplitude.com	1242	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	307 B	54.70.168.241
public.profitwell.com	6695	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	564 B	54.230.111.96
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
www.upsellit.com	10480	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	12 kB	34.117.39.58
ocsp.comodoca.com	1696	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	1.0 kB	104.18.32.68
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.6 kB	192.124.249.24
cdn.optimizely.com	694	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	96 kB	23.38.200.155
a20105345443.cdn.optimizely.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	508 B	1.6 kB	104.110.8.48
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	597 B	706 B	108.177.14.154
dx.mountain.com	12081	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	883 B	278 B	54.190.217.118
11179964.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.4 kB	142.250.74.38
cdn.nytrng.com	25486	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	481 B	143.204.55.58
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	52 kB	34.120.237.76
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.0 kB	142.250.74.130
action.media6degrees.com	6428	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	883 B	104.18.22.234
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	6.4 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
shop.pe	10635	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	652 B	35.227.244.1
shopper.shop.pe	12886	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	974 B	11 kB	35.190.54.17
px.mountain.com	11897	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	1.0 kB	35.85.106.161
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	108 kB	142.250.74.168
container.pepperjam.com	9286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	9.7 kB	54.230.111.50
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	28 kB	157.240.240.1
44.238.122.172	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	435 B	44.238.122.172
action.dstillery.com	6810	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	383 B	104.18.22.234
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	31 kB	104.18.10.207
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	7.7 kB	142.250.74.131
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
vc.hotjar.io	2334	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	368 B	54.230.111.8
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	5.9 kB	143.204.42.156
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	722 B	3.8 kB	104.18.21.226
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	69 kB	143.204.55.68
match.adsrvr.org	349	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	352 B	3.33.220.150
www.nugs.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.0 kB	104.16.165.17
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.13.173.34
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	757 B	142.250.74.163
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	757 B	142.250.74.132
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	349 B	157.240.240.35
errors.client.optimizely.com	7604	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	917 B	636 B	3.223.219.224
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	40 kB	104.17.24.14
cdn.amplitude.com	2911	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	22 kB	54.230.245.209
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	21 kB	142.250.74.110
gs.mountain.com	17855	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	731 B	34.212.4.35
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
id.nugs.net	608334	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.9 kB	92 kB	20.49.97.21
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.1 kB	142.250.74.130
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.1 kB	142.250.74.98
addshoppers.s3.amazonaws.com	15696	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	872 B	5.5 kB	52.216.130.243

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	44.238.122.172	Sinkholed

JavaScript (50)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js	5.9 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:50 Last Seen2024-04-25 00:40:29 Times Seen276 Hash 7c8539e8ab8e1cb63ea84146a0006455 7ae67b3420c98c73c5020cc92a60108bfd6e89bb f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js	24 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2024-04-26 00:44:26 Times Seen1190 Hash 8a25965d822705f957a243443d219787 0da4c535b50bdb4dffa3b5fae3e999aeee137cb5 b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2 Loading...

	a20105345443.cdn.optimizely.com/client_storage/a20105345443.html	1.5 kB	2023-03-11	2023-03-23
Pretty URL a20105345443.cdn.optimizely.com/client_storage/a20105345443.html IP 104.110.8.48 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-23 08:31:44 Times Seen1 Hash 5f84e0434d87c758c43d4f12691175e5 fd52f3b9f7a0a855d0848eec852a0fb102994f9b 520dd8a8861390f6cadf8191e3ca8062257aa1e601fddc3b220fe5faad1d72bf Loading...

	cdn.amplitude.com/libs/amplitude-8.3.0-min.gz.js	68 kB	2023-03-07	2023-05-05
Pretty URL cdn.amplitude.com/libs/amplitude-8.3.0-min.gz.js IP 54.230.245.209 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:31 Last Seen2023-05-05 12:57:06 Times Seen199 Hash dc2ff1939f8d1cd2ea8f0b8354cc7834 f11a4dd028bfc548a185b3ab432f3346bb80a1bd 92463dd999517745a860d568dcdf41fb6df319a129c2ac88d0a9a22b71ccc783 Loading...

	px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue	2.4 kB	2023-03-11	2023-03-11
Pretty URL px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue IP 35.85.106.161 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 431751c1702ed243d1297aac2c30e142 f25afe962988a2ad24be90e1e2845545e91634b7 93b2040ce8b95990b040d412de3b1d498bad3e7de1c8c00aa1d108cf2dfbd362 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	535 B	2023-03-07	2024-04-26
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-26 05:51:19 Times Seen6824 Hash 67c866dc70f00171ef6277d17a7987ae 41d53bdb4eabed4834641ad37984d1e1b9eb6d0d dd1ae61f744792a5ab43f9548d1e6322138b72ea34af5dbc717773f92f271747 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 09:26:29 Times Seen95576 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	81 B	2023-03-11	2023-03-11
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash c6315e9755412e669909c91e7ade252d 3cc45035c8310858d0137d1ad65918bc3ec88d3b 62125cf1803d69fd3792608e38d552b31aa87a9445dcf09a97f0a17326fe7627 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	addshoppers.s3.amazonaws.com/622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083	19 kB	2023-03-11	2023-03-23
Pretty URL addshoppers.s3.amazonaws.com/622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083 IP 52.216.130.243 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-23 08:31:44 Times Seen1 Hash 5f9dd6f2ae6545393360eb9a2e7136a3 650bb9b68a381fa84119500edbd84de5b28c973e 5f29eb2155f01f975d4b8274c2d5176a6846888ff49361bd6ebd9ec7d8c9f1ab Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:27:44 Times Seen37088535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	addshoppers.s3.amazonaws.com/customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918	219 B	2023-03-11	2023-03-23
Pretty URL addshoppers.s3.amazonaws.com/customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918 IP 52.216.130.243 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-23 08:31:44 Times Seen1 Hash f5e44e3013361f8795efe173f9482681 dd99aee1307035a3e9209ca02dc814bafb6746a8 c1e156b8241180c20a1578c59bb784c0f85c7465d138eb71c30af1b213066687 Loading...

	www.upsellit.com/active/nugsnet.jsp	35 kB	2023-03-11	2023-03-11
Pretty URL www.upsellit.com/active/nugsnet.jsp IP 34.117.39.58 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 21ebdc71b256797aaf1632a607ef972e 4543876b4e082aa14f0a5602f90bee289ac8d428 399c1a5312d022231d2e9c2578cf8eef929f090d92087deac6c06dfd22d4821d Loading...

	shop.pe/widget/widget_async.js#622107cf73efc3646959c0d0	2.1 kB	2023-03-08	2023-03-11
Pretty URL shop.pe/widget/widget_async.js#622107cf73efc3646959c0d0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:58 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 727dbedfbc7fdce744c2455857e8cea1 60694eeb054d58a67609c66917f9162d9641202f e0ca5d84d0ce61690a77edcd8c4d3ceec3855d6d1d30741b1b8a794fe05fd492 Loading...

	shop.pe/widget/main/init/params?siteid=622107cf73efc3646959c0d0&product=Login%20%7C%20nugs.net&product_url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&callback=AddShoppersWidget.load_widget&rand=24297&cookie=2%7C1%3A0%7C10%3A1669937429%7C15%3Aaddshoppers.com%7C44%3ANzE3YmI2ZWJlZTJlNDRiMTkwZTZmMjkxMTM1OTUxNzA%3D%7C45611695474914d5d2bc859d46b22460c41b21bf905aeb76676f9e9f6570b2fb&referer=	1.3 kB	2023-03-11	2023-03-11
Pretty URL shop.pe/widget/main/init/params?siteid=622107cf73efc3646959c0d0&product=Login%20%7C%20nugs.net&product_url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&callback=AddShoppersWidget.load_widget&rand=24297&cookie=2%7C1%3A0%7C10%3A1669937429%7C15%3Aaddshoppers.com%7C44%3ANzE3YmI2ZWJlZTJlNDRiMTkwZTZmMjkxMTM1OTUxNzA%3D%7C45611695474914d5d2bc859d46b22460c41b21bf905aeb76676f9e9f6570b2fb&referer= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 8b4434de111f50175d858d43051df81d 86f04c12ea223514885019fd9443950c4b942c68 e3f364df6e596b7f2e82fdc33e7c54239d53c16ca0df9502abd86fbc291ba3b4 Loading...

	px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108	5.5 kB	2023-03-11	2023-03-11
Pretty URL px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108 IP 35.85.106.161 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 00b5e09b77833228ac560735f17e937a 9bc3663466d577b131fcf2a0af6e038e845e7167 06d22aec04c4b5dc8e52208f177255f1a3c3e979b3fd2a3a7fdbb548f8c69ba8 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	422 B	2023-03-11	2023-03-23
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-23 08:31:44 Times Seen1 Hash d5a4221e73b98a3e7ac044ec8a89ae05 803711196782db41ddeb27ec9f36a8184a64c8de 784572152f075ac110cea257909d2ef7f96388b25e01c1ada20b67a892672e04 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	693 B	2023-03-11	2023-03-11
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash b85c93218a754a3fdf6f38e0af893db7 b8c2a97e60b6de7e2bda610f97551667ce1be365 260e548c50256bb5ec2a9c8039b08ebfbc1ee08faf1893ef7d6cd18e4c1ca49b Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	1.1 kB	2023-03-11	2023-03-23
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-23 08:31:44 Times Seen1 Hash 737c3fd089aba538816001dc8e5f76c0 1cec7d7afb1a2747b0ae1e45ef9e04cb03506524 a0f178f3c33c5dbfc0909984b453a338e0bf12190cc68d5c2319f0228bdc3f29 Loading...

	d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78	11 kB	2023-03-07	2023-03-17
Pretty URL d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78 IP 143.204.55.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:57 Last Seen2023-03-17 18:53:20 Times Seen1 Hash c317b7852cd920e51fb9818dd2739faf 6ea03f97b8b2832a0bf95f3e2bd49310c69095fc e124bd334341346ad05a5b3a92f27a1b5b7c7fda0d7a78f8f9d1101b24d115ae Loading...

	d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db	187 kB	2023-03-08	2023-03-11
Pretty URL d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db IP 143.204.55.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:55:55 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 90709db38c119be3e361a85c6282afdb 89ad60e84da43e59e2894353cf4055d5336a0d5e b2b726792165ef1182e0c569ece2eb6ca67b692d9657fd68a2c5b773d52ba7c6 Loading...

	connect.facebook.net/signals/config/584020173505835?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/584020173505835?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 529564c1431712a63d743ae9339cc99e eae607487e59753e073df12ce11dae6f4ae94b82 68de1f0d3587201bf4a7db00c47e3a5c77042ff77992c2543387fd5e3defdc24 Loading...

	nytrng.com/iframe?vcp=4dd5h0np&as_id=717bb6ebee2e44b190e6f29113595170	331 B	2023-03-11	2023-03-11
Pretty URL nytrng.com/iframe?vcp=4dd5h0np&as_id=717bb6ebee2e44b190e6f29113595170 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 734e2eef2e841392bac61ed84ee01276 253735633d3a73546f1310e473070bac4b2791e9 e6079c11bda5fa07ca6b73c28385e0d8f1da188acfae31e8149e8f97daacfabc Loading...

	gs.mountain.com/gs	144 B	2023-03-11	2023-03-11
Pretty URL gs.mountain.com/gs IP 34.212.4.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 81e7a052c55cd9c1af87900fcf78553c 51106442f3c545aa7d3def01d8a7aea86ae15faa f936163de4114c0889ed50e02c614bbe3b30db0e561f1106ce039c9feb87c6c0 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	1.9 kB	2023-03-11	2023-03-11
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash a0c9fe079bd94c9a8dce3c0897217910 81504e1e1fd7461dd50247b417cb7f3a6eb203f5 fc6468fbccba64f8899cfb58f27bcf0a7f5bf09624fa285e3680c5c22e80b1a3 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	205 B	2023-03-07	2024-04-26
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-26 05:51:19 Times Seen6846 Hash b18e821747b6d0acf67b7eb932983ea8 77bdf9e8c6e0bcc96973d71fa191bbf625526782 e74bcbb732fc20232a6235744beb8202085b8ce9b361c361e6c814da56415f07 Loading...

	container.pepperjam.com/1965331760.js	9.1 kB	2023-03-07	2024-02-14
Pretty URL container.pepperjam.com/1965331760.js IP 54.230.111.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:53 Last Seen2024-02-14 09:18:06 Times Seen326 Hash 28eb02a2d07c40f909871bc9cc263010 94f210cc78ee3c383699fbb17462accc0eb870bc 403435c3ed5ba934b6ae1e897ad60794d3f97b1cf88a086642c08cce7fddca9b Loading...

	shop.pe/widget/main/init/params?siteid=622107cf73efc3646959c0d0&product=Login%20%7C%20nugs.net&product_url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=61940&cookie=&referer=	260 B	2023-03-11	2023-03-11
Pretty URL shop.pe/widget/main/init/params?siteid=622107cf73efc3646959c0d0&product=Login%20%7C%20nugs.net&product_url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=61940&cookie=&referer= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 3b9bf31ee4ed3615f7e88780ac7552d4 a678ed77e6dc0729f53d266eb8a12cfe06a4be23 8bbb9e6a2f2f2ddd17c8c09217afcf0aab89e298b77c8661069f5b92d66f9195 Loading...

	public.profitwell.com/js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b	36 kB	2023-03-07	2023-11-10
Pretty URL public.profitwell.com/js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b IP 54.230.111.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-11-10 00:02:35 Times Seen1368 Hash f3710cf44008e9509cf9d74fde8cff1f e351f7543b4a715231c742c0a4110b5d905ac60f 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	295 B	2023-03-11	2023-03-23
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-23 08:31:44 Times Seen1 Hash 208aaa17cd490f0ff8c2e51db2d4f531 98b4575ba186d13d6ddb43dd31bdbce9ac89cf1e e007065a97daadd13c5dc32893b1cd199b34575b9f5db492f12b03aadd71a001 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	342 B	2023-03-07	2024-04-25
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:20 Last Seen2024-04-25 08:21:08 Times Seen74 Hash e4d1458a0923591fca3c92dfd7a85162 4c828c9bf51537c84d65369e87dd54e74fc40a44 115c0796d60552da052b4f5b384f705bbc5c3059a526cf2a0bba6e54d81c8787 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.240.1 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	action.dstillery.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined	5 B	2023-03-07	2024-04-26
Pretty URL action.dstillery.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined IP 104.18.22.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:39 Last Seen2024-04-26 00:46:19 Times Seen465 Hash cc9067c2ee470dc248b14b194209a34e 31789ace8fdb0fae2976e8303b614c51d0a139a9 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3 Loading...

	shopper.shop.pe/input.js	27 kB	2023-03-07	2023-05-17
Pretty URL shopper.shop.pe/input.js IP 35.190.54.17 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:57 Last Seen2023-05-17 15:55:58 Times Seen491 Hash 127fab1b0432a8882b898ccbd22892da cf4347ffabcc3bad1cc7a9d7f5fdfa1e5013eadf bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	531 B	2023-03-11	2023-03-11
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 0a817c8e03505afd8353344259827235 0c140e6858f0c972104d4e0274ead9f0545c5a04 c7ceaafef3a9f860e5089fb15be3078f0df3b13b9f25f75cc73918d498bee0dc Loading...

	static.hotjar.com/c/hotjar-3013110.js?sv=7	6.7 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-3013110.js?sv=7 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 7e045a38874ae513dd2b6b74b1ebed38 b092f568fd0e9f3a52c11c2e45d2d69cf7084070 856074ee9d139864bd91cdcb2375047416f61104cbf5c2d97db068619f831ff3 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4	2.7 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash 26e977cf887d6929c373aa8d7c356715 9d7667d6e54b9af8cc2214e8a38aead09acc6ea4 16b3c592a9c12bfb58a5fa4585f205d40102c58947088dae1a7f0793afc21edd Loading...

	dx.mountain.com/spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value	16 kB	2023-03-11	2023-03-11
Pretty URL dx.mountain.com/spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value IP 54.190.217.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:33 Last Seen2023-03-11 23:52:33 Times Seen1 Hash adeccb9369f477bc16c34836bd1bac98 87d5d422601fa769074f8864dd30ee413056e6d3 c9901fa6cdfab130a007732837b85b494b6576a8d7e821ef1bae759d96c925b5 Loading...

	id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286	357 B	2023-03-11	2023-03-11
Pretty URL id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 IP 20.49.97.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:52:34 Last Seen2023-03-11 23:52:34 Times Seen1 Hash 32addde08824af0a9790ad92ec514f05 1c18ecf9f0b545136ea95df549bd5045f7b1921a 042325938ad051fcba2803d044ed7bb3b1ffb4416e215d9f03a517c16f154149 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5f836d668962ef985928799d31629744	199 B	2023-03-08	2024-04-24
Pretty Observations First Seen2023-03-08 15:11:40 Last Seen2024-04-24 17:01:27 Times Seen390 Hash 5f836d668962ef985928799d31629744 7496c6d51535f234ca29997f41366bb133b85b3c a0463a9bb898b109504a90fc4a010720475807d568d201f157930a9c703fa75d Loading...

	#2 Eval - 994a90d554fc7a2a59b45f9b10d32287	138 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 12:05:10 Last Seen2024-04-20 11:39:59 Times Seen362 Hash 994a90d554fc7a2a59b45f9b10d32287 283f4f0dcac0725dba3c3907b998bf162291453c 1f37443b2fa983f58592cbd670146cf83178d0ed66ddf708f4497d019ca51282 Loading...

	#3 Eval - 4069c0ff7c13524165dbe75cb48e4c45	2.4 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:52:34 Last Seen2023-03-11 23:52:34 Times Seen1 Hash 4069c0ff7c13524165dbe75cb48e4c45 39c313bc2ffb7ad120ef18c4327cb96aa117ee53 f27ac93db83bee51527c95f2e0ae069f74c683b30f68765a33d42314c5fbba84 Loading...

	#4 Eval - 306f7945e93b77dbffb86e54c28665d0	195 B	2023-03-11	2023-03-23
Pretty Observations First Seen2023-03-11 23:52:34 Last Seen2023-03-23 08:31:44 Times Seen1 Hash 306f7945e93b77dbffb86e54c28665d0 7f841e0ac32919ea74fad74e6915919cbee5e5b5 e9e634dfd5dc66f8e51ff609e4c188693eb88c1c2bbf1f268b9dec339dd22891 Loading...

	#5 Eval - 93374bc064f13294c1bed5436fba6f19	650 B	2023-03-11	2023-03-23
Pretty Observations First Seen2023-03-11 23:52:34 Last Seen2023-03-23 08:31:44 Times Seen1 Hash 93374bc064f13294c1bed5436fba6f19 e00d70f3f91a7c14b10c8d823a9324d7cb1d199f c8908eed9ed331d104fd55b013cb978f40393649f89e0984ef25540843d39a2a Loading...

	#6 Eval - 7b4294294bdffaf3f22bda553eee21c9	792 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:17:57 Last Seen2024-04-18 14:00:35 Times Seen4454 Hash 7b4294294bdffaf3f22bda553eee21c9 1c57e620b228318dca25b1f35b6faa46a1e7bbd8 be95c8d79151c70258c07974285ecbec353f917fa5054c668968d1e81295a6f0 Loading...

	#7 Eval - 337f300322a4fb5f1a55f45b7da180ff	1.4 kB	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 13:22:51 Last Seen2024-04-24 10:42:43 Times Seen239 Hash 337f300322a4fb5f1a55f45b7da180ff 26544a4818c77ac241d43de8f8b50997b772cfe5 6d8538a1ead318607b1f84ab79c78694288afbde7b6cfb5ef781695494a393e0 Loading...

	#8 Eval - 9ac0b4708663724dffb4c6f2b814a6df	87 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-26 03:22:40 Times Seen4628 Hash 9ac0b4708663724dffb4c6f2b814a6df 7faabe0595feb52fef2eb924693458608d16a66e aab310ed9d84ead154e032927d4a74c007f4b03655f5596b12339ea61881ba4e Loading...

	#9 Eval - a32458c191bad7c21e6c6dd51f907dbd	26 B	2023-03-08	2024-04-19
Pretty Observations First Seen2023-03-08 14:46:14 Last Seen2024-04-19 15:49:32 Times Seen115 Hash a32458c191bad7c21e6c6dd51f907dbd a499226ccfeb8b4a8dfdc2438e33f5d6ffd77170 93da7a1a8faecce491697056e2fdc9278c55c398a462368a32bc70c142546da3 Loading...

	#10 Eval - b1b320722b1e9a2fc98d650c06bf7b55	17 kB	2023-03-11	2023-03-23
Pretty Observations First Seen2023-03-11 23:52:34 Last Seen2023-03-23 08:31:44 Times Seen1 Hash b1b320722b1e9a2fc98d650c06bf7b55 03e75ed99c1af1d4675ee02fd5286e66bc4c8360 b938d4b6832cc7f98131498d03bb2d35624f3a9914cb3f7bbdf49842a9d96c5a Loading...

HTTP Transactions (109)

URL IP Response Size

2nu.gs/stash

67.199.248.12

302 Found

114 B

URL HTTP/1.1
2nu.gs/stash
IP
67.199.248.12:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
114 B (114 bytes)
Hash
d10a0ac57ca9a806d62f85f5a7dfd5fc
6012311412062147b565cfd066a199df7d9c5e63
3ea8115f3f463ad3be394685c7c66b30d9dc8864cf994bc7da97fe80e185b932

HTTP Headers

GET /stash HTTP/1.1
Host: 2nu.gs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 23:30:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 114
Cache-Control: private, max-age=90
Content-Security-Policy: referrer always;
Location: https://www.nugs.net/stash/
Referrer-Policy: unsafe-url
Set-Cookie: _bit=mb1nup-a7e301ad15110b20c1-00X; Domain=2nu.gs; Expires=Tue, 30 May 2023 23:30:25 GMT
Strict-Transport-Security: max-age=1209600
Via: 1.1 google

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5074
Expires: Fri, 02 Dec 2022 00:54:59 GMT
Date: Thu, 01 Dec 2022 23:30:25 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3511
Cache-Control: max-age=129558
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:25 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:29:43 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8598
Expires: Fri, 02 Dec 2022 01:53:43 GMT
Date: Thu, 01 Dec 2022 23:30:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 23:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 735
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1Cd1qUSfp6zQLX8F5nQozJoDcapubJSLYBIeW63/+jcTM9dEdAhahQyzSQH0/Uph7NoQ60CX2R8=
x-amz-request-id: 52CPJD7CZ0Q1NNJ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 22:45:50 GMT
age: 2675
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 23:30:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
59a48c1670241cfaa6337887e5a29f8b
a61e30e4933a489885a77bf892f295bbe071fc6f
19817f120365cae6c1e3c9c50ea054a68a7f29b6c491a0257a208aed7c43449b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 23:30:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:03:45 GMT
Expires: Fri, 02 Dec 2022 20:03:45 GMT
ETag: "a61e30e4933a489885a77bf892f295bbe071fc6f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 1289
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3505
Cache-Control: max-age=124488
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:26 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:05:14 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.13.173.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.173.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +gqaB81SrGTptA4uX9Gvlw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RWkp2P3j73tp0TtusKQH+F+S+ss=

id.nugs.net/connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286

20.49.97.21

302 Found

0 B

URL HTTP/1.1
id.nugs.net/connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Content-Length: 0
Date: Thu, 01 Dec 2022 23:30:26 GMT
Server: Microsoft-IIS/10.0
Location: https://id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286

20.49.97.21

200 OK

4.1 kB

URL HTTP/1.1
id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (539)
Size
4.1 kB (4099 bytes)
Hash
62f2e31890b9bba0c97f24e36cbe1e99
97c7cf7911522b28f6be16e6d5fc9dae71fe869a
8eda74bd0e495f7d959e1a8d320b02df475c28b4c73cd4199558e7b4eca420e6

HTTP Headers

GET /account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 23:30:26 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Pragma: no-cache
Set-Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; path=/; samesite=strict; httponly
.AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2f1d1e0007d1ba038ac919cc334dca7d
4f3c8cf53099b4a2844ce33d927d2f637d568ff0
d34a6d2d4672091f991673b5cf5e89dd224ff90ff20360db8493241ad1e31fde

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: max-age=116907
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Etag: "63885149-117"
Expires: Sat, 03 Dec 2022 07:58:54 GMT
Last-Modified: Thu, 01 Dec 2022 07:01:29 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27748 bytes)
Hash
638a4990025383a0f83ebf29bdb84a68
153e8818dc42f598e47fde8cf398f1447649a4d0
878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3104451
expires: Tue, 21 Nov 2023 23:30:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f60Xn8RA7iWW1YILwd4tu1lmw%2BI0gHGXkga3BZiQNe2N8CMWJfdT48yGJ0e86iESTYb3zfLTE41NuOTrQhlbevAh9m489VPJKJ2HFZPDwTYvJf4%2FN4eRnWnM6oYL5rMcYLximt9I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772f9c59be21b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js

104.17.24.14

200 OK

1.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5607), with CRLF line terminators
Size
1.9 kB (1947 bytes)
Hash
74f2782da27b2fc1635941a39a5a859e
eb58c162c765d0905f3bd3e73c901db671939881
558b2a8778c3356150521ff276c329887f24dfad16461da991fa8b7d6df0b742

HTTP Headers

GET /ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 1947
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-16ef"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1840939
expires: Tue, 21 Nov 2023 23:30:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clZwxTbUaiB6gg9guU0HcjqN8xVVFzei8rPRtReLIWCFeksGA8H9uXvaC9uuChLxGASCqyNe%2BjkP%2FT9YCrUlY%2BZEH9PPXhOQm%2FG8JZVmsbEWykFBJ6mTNK%2BvxJXJ87%2B5eH68Gqm4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772f9c59be23b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js

104.17.24.14

200 OK

6.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
6.9 kB (6929 bytes)
Hash
b1e2dc68243b810ee78fd1669609bafd
cc50ce023a61f353ed284f0b320ff67191264ff7
21913cb0aebf31a225870b0baf58d04c077454d72a40c2061a415e4a297f59c0

HTTP Headers

GET /ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 6929
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-5f38"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 23010
expires: Tue, 21 Nov 2023 23:30:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJR4eSPr8MXJ6xw6LpG%2B667Io1X9cP7NM1PpvxXcm0QzqbFGxqwI5LEjTC6lb47DviwpV5hDFRl%2BKZT997Rrbjc7KE%2Fm0ib7J3Y7rNkdsDt4N1sg8ah6tRqDXEwS4YNphJUisusO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772f9c59ce25b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2f1d1e0007d1ba038ac919cc334dca7d
4f3c8cf53099b4a2844ce33d927d2f637d568ff0
d34a6d2d4672091f991673b5cf5e89dd224ff90ff20360db8493241ad1e31fde

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: max-age=116907
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Etag: "63885149-117"
Expires: Sat, 03 Dec 2022 07:58:54 GMT
Last-Modified: Thu, 01 Dec 2022 07:01:29 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk

20.49.97.21

200 OK

2.8 kB

URL HTTP/1.1
id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
2.8 kB (2824 bytes)
Hash
266a169dcd16aeac6eb9d2eda3574797
53fb0fe1fc7b39f7e648ef6387ec1b17d3e069ff
eabc9182fc6e26fa6cd0a55712ce613f02906f1ada511f17eb0dfd4e57d87173

HTTP Headers

GET /css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8f5109675a37f"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

cdn.optimizely.com/js/20105345443.js

23.38.200.155

200 OK

95 kB

URL HTTP/2
cdn.optimizely.com/js/20105345443.js
IP
23.38.200.155:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65468)
Size
95 kB (95345 bytes)
Hash
e90ebeb8d25565f0bdfda4abc4b1f5c2
cfe2cb8025887db2e46414afa047ddf5801813a4
100e0dd4b1d90559d9e93c19f3eab8264331fff6b64e270e98beb7ceb63bca33

HTTP Headers

GET /js/20105345443.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WTtHWsOtRISvwgUSslMJzHQ7oWFXUQlPdUJUYiMr+WqMMNdXBbeBSGvpZoOX3eVTNVb7rYBK1Cw=
x-amz-request-id: 6RXHR58KNQVRYPMR
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 15:53:11 GMT
etag: "e90ebeb8d25565f0bdfda4abc4b1f5c2"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 934
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: erDNigsu5n2Hbh9CBfRUo3EDLPEAjhGi
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 95345
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 01 Dec 2022 23:30:27 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7591 bytes)
Hash
d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 4891
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13461 bytes)
Hash
16a112f00456d38c4c9e051ccf40e105
8fe32fffe672f0e91ce773af0e4be960f55bad08
43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: npt-A-TEzjd-QRTVhv5FMJhwlYujCRCF7tyYbathxjCdCFFEwh_vEQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:59:42 GMT
age: 66645
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

104.18.10.207

200 OK

30 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65324)
Size
30 kB (29685 bytes)
Hash
17653076f083d1fcb1d05af910d9f94c
218fbab106de47c4153c12bc89d2adaab1e3a2b9
966353fbd61dfbee67ff809d24c93a77fbd6b0a055c3294b4c1b9f241c4d5a91

HTTP Headers

GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 2021-06-08 14:20:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 1ecf5737ec240277d3bc1fc3406bd1fe
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 16152980
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 772f9c59cbda0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7334 bytes)
Hash
498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 3437
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 6940
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15495 bytes)
Hash
82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 4221
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-WPL3GVV

142.250.74.168

200 OK

107 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-WPL3GVV
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (52242)
Size
107 kB (107152 bytes)
Hash
e9d120045ded91e82133c829ccf893db
3f5d6390eede1650c4c3bd8fbdb33c6d70a4ca66
a23d0a55caf89c828b14b03a572ccc2ced0e378af26be7bdd4da5465cf5de9d7

HTTP Headers

GET /gtm.js?id=GTM-WPL3GVV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 23:30:27 GMT
expires: Thu, 01 Dec 2022 23:30:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 22:13:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

id.nugs.net/fonts/Metropolis-Bold.woff2

20.49.97.21

200 OK

26 kB

URL HTTP/1.1
id.nugs.net/fonts/Metropolis-Bold.woff2
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), CFF, length 26428, version 11.0\012- data
Size
26 kB (26428 bytes)
Hash
dc6926c36da3e0c92f173fde539a9fdc
7df32375dfbc1955dd873e44bfc4bfd585f13779
9a712a2c31daff2a307d935ebea4ac29bad1a93a75349e0edec1d3eb42f1d2eb

HTTP Headers

GET /fonts/Metropolis-Bold.woff2 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 26428
Content-Type: font/woff2
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675f13c"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

a20105345443.cdn.optimizely.com/client_storage/a20105345443.html

104.110.8.48

200 OK

785 B

URL HTTP/2
a20105345443.cdn.optimizely.com/client_storage/a20105345443.html
IP
104.110.8.48:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (1371)
Size
785 B (785 bytes)
Hash
5f387893e771aaa86ddcca00c72fb349
10ff789f95d7a2797f8331be6f1282bfc0d98023
ee6ae23677a37ae3490a33fa369dd5cca60f8de4d999b0ea71f967feb7dabff1

HTTP Headers

GET /client_storage/a20105345443.html HTTP/1.1
Host: a20105345443.cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: KFyjgxmZHvIWjuwnfo1ZcCvGLfIOwjdbr6TTtSPOMVSFn0Fc4DrNeRgYvuW1/xoUrkpFjqjI5lg=
x-amz-request-id: 4BME587VB6VWG49H
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 15:54:04 GMT
etag: "5f387893e771aaa86ddcca00c72fb349"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: gV9u7JztHuCMNjXcoyKWT1h58q2uGsPl
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 785
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 01 Dec 2022 23:30:28 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

status.rapidssl.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.rapidssl.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a3bf956d18db39f24a7c02c8e45fcc64
ebe09f34c7c24af2a726828827671da9d97354d8
ec63126bdba7c9407e892f6247639397a5fe9657a5021b107d964d3f2074ca22

HTTP Headers

POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 317
Cache-Control: max-age=100797
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "63881e94-1d7"
Expires: Sat, 03 Dec 2022 03:30:25 GMT
Last-Modified: Thu, 01 Dec 2022 03:25:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
920992c4818e7d17517e3dfef67a22c1
407b7e56fbb4faacca123af367b6cfdf0b7b2d99
527197c1e55e0b319d64e59070906d60084827233a6d7498cf63145ab665c424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upsellit.com/active/nugsnet.jsp

34.117.39.58

200 OK

11 kB

URL HTTP/2
www.upsellit.com/active/nugsnet.jsp
IP
34.117.39.58:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (8683), with CRLF, LF line terminators
Size
11 kB (11028 bytes)
Hash
53a32d0e7c4875cfe0fd2169815e57e8
9dccf09234ae63d22760c3df643e8259ed25ba0f
2aef24f895cb1ba6e0b964267bfb9c832ca8c3896977cf0b65b63c30d72dbb0f

HTTP Headers

GET /active/nugsnet.jsp HTTP/1.1
Host: www.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Thu, 01 Dec 2022 08:19:20 GMT
expires: Fri, 02 Dec 2022 08:19:20 GMT
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1
content-length: 11028
age: 54668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
09ea8683e3db4d772067295ed6d9c834
543239e611ab34fcfef30cdcead7d478d2ce7ee2
0831bcfbbacf2706e748751495c7735d1bda7fceb2e1e8727ce1adc86b8bf53f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "638903c5-2d7"
Last-Modified: Thu, 01 Dec 2022 22:43:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727

11179964.fls.doubleclick.net/activityi;src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286?

142.250.74.38

200 OK

443 B

URL HTTP/2
11179964.fls.doubleclick.net/activityi;src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (883), with no line terminators
Size
443 B (443 bytes)
Hash
508834f4a48c59ac38c578c4edde62c6
24748aeb619c14f58f0cb948a7e25c965026a88e
4786c238976b681c69f3f442506b036aceff62f7f3413dba0dc9f4217d555b98

HTTP Headers

GET /activityi;src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286? HTTP/1.1
Host: 11179964.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 443
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 23:45:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

status.rapidssl.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.rapidssl.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a3bf956d18db39f24a7c02c8e45fcc64
ebe09f34c7c24af2a726828827671da9d97354d8
ec63126bdba7c9407e892f6247639397a5fe9657a5021b107d964d3f2074ca22

HTTP Headers

POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1548
Cache-Control: max-age=102028
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "63881e94-1d7"
Expires: Sat, 03 Dec 2022 03:50:56 GMT
Last-Modified: Thu, 01 Dec 2022 03:25:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
920992c4818e7d17517e3dfef67a22c1
407b7e56fbb4faacca123af367b6cfdf0b7b2d99
527197c1e55e0b319d64e59070906d60084827233a6d7498cf63145ab665c424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

container.pepperjam.com/1965331760.js

54.230.111.50

200 OK

9.1 kB

URL HTTP/2
container.pepperjam.com/1965331760.js
IP
54.230.111.50:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8087)
Size
9.1 kB (9100 bytes)
Hash
28eb02a2d07c40f909871bc9cc263010
94f210cc78ee3c383699fbb17462accc0eb870bc
403435c3ed5ba934b6ae1e897ad60794d3f97b1cf88a086642c08cce7fddca9b

HTTP Headers

GET /1965331760.js HTTP/1.1
Host: container.pepperjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 9100
x-amz-replication-status: COMPLETED
last-modified: Mon, 28 Jun 2021 22:29:53 GMT
x-amz-version-id: LT7Lolk4YOHliSKUsOKoh2VD2SHrs5QV
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 23:30:28 GMT
cache-control: max-age=900
etag: "28eb02a2d07c40f909871bc9cc263010"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Rbc4U1K54ckp9M0Pu2kKFVFkj_qAA1O3ivGVgTt-i0Xpy8eT8L28A==
age: 275
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

id.nugs.net/img/btn-google.svg

20.49.97.21

200 OK

1.5 kB

URL HTTP/1.1
id.nugs.net/img/btn-google.svg
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (347)
Size
1.5 kB (1505 bytes)
Hash
c622e91c4bdc23706bfb0b53dd16195a
6e0ffc1565c71a45fd4fa995f9fa066fe0afc966
8f045c06644169902f019a4e6ca307c193a82a949c32c40dc1269ea233a56f3d

HTTP Headers

GET /img/btn-google.svg HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1505
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f510967593e1"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

id.nugs.net/img/btn-apple-black.svg

20.49.97.21

200 OK

1.4 kB

URL HTTP/1.1
id.nugs.net/img/btn-apple-black.svg
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1260)
Size
1.4 kB (1384 bytes)
Hash
7b650fe1fc2ed1ac01dc89e9704be866
9bdd2bc38a4f995bf3432681316005c1ff63bb82
d37196a1cfb3421798eb8be2c43607c10bbad42714023ac1df6077baa2755afb

HTTP Headers

GET /img/btn-apple-black.svg HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1384
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f51096759368"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

adservice.google.com/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286

142.250.74.130

200 OK

445 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (882), with no line terminators
Size
445 B (445 bytes)
Hash
7c85acf5c2c7cdb32d8631d019be6deb
f2d368278a277fca2034f2c78c491d47a193ad2a
af010dd7a89f5e00c7ce803bfec366c61e874b8aae2f52bf3bb61483a7996cc8

HTTP Headers

GET /ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11179964.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

id.nugs.net/img/btn-facebook-white.svg

20.49.97.21

200 OK

677 B

URL HTTP/1.1
id.nugs.net/img/btn-facebook-white.svg
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (403)
Size
677 B (677 bytes)
Hash
66010609d6062d70fd119c0e2b77d21f
debd99a05a6e438e9b8c996282e287dc6496914d
7ad7f3ece770f68d920521d7876efa8d144199d931f67c193a45065825a32813

HTTP Headers

GET /img/btn-facebook-white.svg HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 677
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f510967594a5"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

shop.pe/widget/widget_async.js

35.227.244.1

301 Moved Permanently

178 B

URL HTTP/2
shop.pe/widget/widget_async.js
IP
35.227.244.1:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 23:30:28 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
09ea8683e3db4d772067295ed6d9c834
543239e611ab34fcfef30cdcead7d478d2ce7ee2
0831bcfbbacf2706e748751495c7735d1bda7fceb2e1e8727ce1adc86b8bf53f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "638903c5-2d7"
Last-Modified: Thu, 01 Dec 2022 22:43:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

id.nugs.net/fonts/Metropolis-Light.woff2

20.49.97.21

200 OK

26 kB

URL HTTP/1.1
id.nugs.net/fonts/Metropolis-Light.woff2
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), CFF, length 25912, version 11.0\012- data
Size
26 kB (25912 bytes)
Hash
f193bc290b53e92268366b8d89e31e66
a37841b49a2508ec01b7e831830d1a7e17303c8f
3664cf60656a87a7e1bf1d1e98cfe7e83d01a00133508251757fdbd1b9128d3a

HTTP Headers

GET /fonts/Metropolis-Light.woff2 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 25912
Content-Type: font/woff2
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675f338"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

id.nugs.net/fonts/Metropolis-Regular.woff2

20.49.97.21

200 OK

24 kB

URL HTTP/1.1
id.nugs.net/fonts/Metropolis-Regular.woff2
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), CFF, length 24152, version 11.0\012- data
Size
24 kB (24152 bytes)
Hash
7b9a798c0a745aa9b5fec632bfccaad7
48bb4cb0a99bbab907487213c3beb4211a2f5427
e920e6b0e7987aceb8df32656d01d44057e2c08646716202d594e06b5010ae70

HTTP Headers

GET /fonts/Metropolis-Regular.woff2 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 24152
Content-Type: font/woff2
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675c858"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286

142.250.74.98

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
expires: Thu, 01 Dec 2022 23:30:28 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
e2a1671bcf52ee924d5b1a78374cea7e
fe03277189efedc6a7f6c733b430550061e9d036
937dc2c0054454f3cc12297ba542311d918bc3605039a0bbace1c79c0b973286

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 23:30:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 22:14:25 GMT
Expires: Fri, 02 Dec 2022 22:14:25 GMT
ETag: "fe03277189efedc6a7f6c733b430550061e9d036"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
7b3adc27ee30eab3059de85690badfe9
eb276b7e511c37fdc3f93f4f6bcbbecd3c49273a
bc46c46178bad6aa8d1964c29f53be2223dc3fc8041303a646df2e8222224ae6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 23:37:31 GMT
Expires: Tue, 06 Dec 2022 23:37:30 GMT
Etag: "eb276b7e511c37fdc3f93f4f6bcbbecd3c49273a"
Cache-Control: max-age=431821,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f9c5dfcfcb527-OSL

cdn.amplitude.com/libs/amplitude-8.3.0-min.gz.js

54.230.245.209

200 OK

22 kB

URL HTTP/2
cdn.amplitude.com/libs/amplitude-8.3.0-min.gz.js
IP
54.230.245.209:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21502 bytes)
Hash
a20730278e9e77196588a060ee851250
6807b9584fb144f466d95259f9dd2d68f0793dfc
3db06c33e72522ad95b8a6301b4395968d0c26ebca98d8a09424f95c1500311c

HTTP Headers

GET /libs/amplitude-8.3.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 21502
date: Mon, 06 Jun 2022 04:03:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 26 May 2021 21:27:28 GMT
etag: "a20730278e9e77196588a060ee851250"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: Fm5nJPZoG_bv_LRUhAxwaRJUULlHf3ar
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5X8RUsRdJNxiBynw1yO9Gy1CQOAdK4grfin3T3vs9FjDtC6WBNNsWw==
age: 15449221
X-Firefox-Spdy: h2

d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

143.204.55.91

200 OK

905 B

URL HTTP/2
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP
143.204.55.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (559)
Size
905 B (905 bytes)
Hash
8f9a4e574f11ca1ea10db98fd6687660
24524c8493f0ca5573f353600dd66ba22406cd9c
f16fda04be22fc56edd4df978a54704d27b942f694ba82fab5a7d3b1c13428b8

HTTP Headers

GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 23:11:30 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nEUPlLEt__y8n5EkQ0qU30roq2eU_ras5zy9MiuW_UB60J9SfD6lkg==
age: 1146
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 22:41:08 GMT
expires: Fri, 02 Dec 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 2960
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4

142.250.74.130

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2653), with no line terminators
Size
1.1 kB (1069 bytes)
Hash
e0f492d58cb53688adf7c4ddd5495e56
b9b1df02758db33cc823cbb62711272eb264beca
502d6b2bcc8d57748138149a75707008e5ba83deed9b4231f2839a54a5c71016

HTTP Headers

GET /pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1069
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 23:45:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a48642d82eee3c432a3f38879f9541b
f53e46a8406bbad51319826db59b6c265622241f
33a0510300258746dda57d56cf6fec74147cd138f7bae2c609d0976841fc3adc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=90385
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "6387ea8d-1d7"
Expires: Sat, 03 Dec 2022 00:36:53 GMT
Last-Modified: Wed, 30 Nov 2022 23:43:09 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

id.nugs.net/favicon.ico

20.49.97.21

200 OK

1.2 kB

URL HTTP/1.1
id.nugs.net/favicon.ico
IP
20.49.97.21:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
93e3e8957c0374c9c1c0d2e8a3e4d9f4
ab5bb19911212eaa6be5af3ddac4552b5a4f049a
8caf6476ad4bfe1ae426cc23b865d7aebfc0c8967e7f199080040573b08c5975

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232; _gcl_au=1.1.1164324903.1669937426
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1150
Content-Type: image/x-icon
Date: Thu, 01 Dec 2022 23:30:28 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675927e"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

157.240.240.1

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: uhlnjhK6cSe0cwTTNOy1iU5zyL3ZInohfrQyneuacLeIK8OePa6YkHxQAEjX8JYlaqO8EE3zWqd3Oc9HNtfH6w==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 01 Dec 2022 23:30:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a48642d82eee3c432a3f38879f9541b
f53e46a8406bbad51319826db59b6c265622241f
33a0510300258746dda57d56cf6fec74147cd138f7bae2c609d0976841fc3adc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=90385
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "6387ea8d-1d7"
Expires: Sat, 03 Dec 2022 00:36:53 GMT
Last-Modified: Wed, 30 Nov 2022 23:43:09 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

static.hotjar.com/c/hotjar-3013110.js?sv=7

143.204.55.84

200 OK

3.9 kB

URL HTTP/2
static.hotjar.com/c/hotjar-3013110.js?sv=7
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5909)
Size
3.9 kB (3860 bytes)
Hash
686583a530dd2d0cc0c8a514585d4cf2
cfbe87dc4a1b488953c3473243a29c5d44a87292
4914ff826e52014c53846e2e7e4715d4562b9cd5e5bca0d1a25005129e6e8ac6

HTTP Headers

GET /c/hotjar-3013110.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 01 Dec 2022 23:30:28 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/7e045a38874ae513dd2b6b74b1ebed38
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zSbdYItuVdK1ODQ0CIIdDAw7psvXcd5scmJjZWFtx7R2ZZQ7LGYMlw==
X-Firefox-Spdy: h2

d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78

143.204.55.91

200 OK

3.8 kB

URL HTTP/2
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP
143.204.55.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (583)
Size
3.8 kB (3772 bytes)
Hash
6f8d2d39d5726872bebba803a41bb024
2b7c6aa4941537ae52e1f32bfe642dfd440f5cbc
1de43985c42cfd2c6d39a3b7b30957bc1dde1208bd5bbbc94695d4c357383a01

HTTP Headers

GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Tue, 15 Nov 2022 21:40:34 GMT
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
etag: "6f8d2d39d5726872bebba803a41bb024"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548367.68
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZEoYVFNHXXJVU6eSBj5sgjr_fou_z41vHZbraTKXYC2GRWJTp3UYUg==
age: 1388996
X-Firefox-Spdy: h2

script.hotjar.com/modules.90de377b639fd5b933d2.js

143.204.55.68

200 OK

68 kB

URL HTTP/2
script.hotjar.com/modules.90de377b639fd5b933d2.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
68 kB (68504 bytes)
Hash
8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8

HTTP Headers

GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PAF7KZAQ9nDpAYjGXOaXzbwDD9LlbwqGySnoTVreZ3AWbOR6-tqfHw==
age: 35603
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db

143.204.55.91

200 OK

48 kB

URL HTTP/2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP
143.204.55.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (778)
Size
48 kB (47685 bytes)
Hash
db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f

HTTP Headers

GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E7orOIpUa71kVglvPgbF2plxoIHmisVfnUdbO-lPaLBZLBaf-hxLYw==
age: 1388997
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ea4c0e0ab811f65f5ff773ec687c7f6b
8fd72e42a6212a5f7d45e369134751bba7219f62
12207bb36053632d9a01d5afbe2e448c3845fbad88954b3ba631d362cc065df9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 02:54:24 GMT
Expires: Wed, 07 Dec 2022 02:54:23 GMT
Etag: "8fd72e42a6212a5f7d45e369134751bba7219f62"
Cache-Control: max-age=443633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f9c648c1db527-OSL

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21272837-8&cid=2127707211.1669937427&jid=1359982208&gjid=656679272&_gid=1604399674.1669937427&_u=YEBAAUAAAAAAACAFK~&z=350049764

108.177.14.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21272837-8&cid=2127707211.1669937427&jid=1359982208&gjid=656679272&_gid=1604399674.1669937427&_u=YEBAAUAAAAAAACAFK~&z=350049764
IP
108.177.14.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21272837-8&cid=2127707211.1669937427&jid=1359982208&gjid=656679272&_gid=1604399674.1669937427&_u=YEBAAUAAAAAAACAFK~&z=350049764 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://id.nugs.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 23:30:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

vc.hotjar.io/sessions/3013110?s=0.25&r=0.11341907818959851

54.230.111.8

204 No Content

0 B

URL HTTP/2
vc.hotjar.io/sessions/3013110?s=0.25&r=0.11341907818959851
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sessions/3013110?s=0.25&r=0.11341907818959851 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Thu, 01 Dec 2022 23:30:29 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bq4wAGhBizmzvVI6hTxgQ5BdqgiJfuaI7iIJ0rxBNPb18hpW5evCzQ==
X-Firefox-Spdy: h2

44.238.122.172/is

44.238.122.172

200 OK

32 B

URL HTTP/1.1
44.238.122.172/is
IP
44.238.122.172:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
c80c42a604e86e3337ee764894269fa6
2afb86cf507db8cb64ce8091bbac0ff934ebb4b0
2bfc5872d3ef7afb8ce9a4b9e3c0ecb176d318aaad677220ff757b986a641262

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /is HTTP/1.1
Host: 44.238.122.172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.nugs.net/
Origin: https://id.nugs.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ddbe7e223cebe9b4cee9b18bf83c169e
ebb7ff47ccb3f7f73e685b3c302fbc0118060bd5
c298452882eacc78e6a1a6706c6e00af8becadf5da38d5d02dc19a860c75a35c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 23:30:29 GMT
Last-Modified: Thu, 01 Dec 2022 22:32:06 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6_8QAMli4S-nyEpLkr5VdopZvVOU2aRvXAZjummB_MxwYh5Tmo81og==
Age: 3503

ocsp.comodoca.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f15e471c24424484b2bebcd675bd294c
78fbec83f71c32557a78b0e09df2888e77155eed
955e56f58c5c1d1fb224cc75775957a49e5bc8328d22219031d9bbc1191f8af0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 03:38:20 GMT
Expires: Wed, 07 Dec 2022 03:38:19 GMT
Etag: "78fbec83f71c32557a78b0e09df2888e77155eed"
Cache-Control: max-age=602536,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1091
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f9c674e68b4e8-OSL

www.facebook.com/tr/?id=584020173505835&ev=PageView&dl=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&rl=&if=false&ts=1669937427849&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669937427848.1694929945&it=1669937427204&coo=false&rqm=GET

157.240.240.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=584020173505835&ev=PageView&dl=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&rl=&if=false&ts=1669937427849&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669937427848.1694929945&it=1669937427204&coo=false&rqm=GET
IP
157.240.240.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=584020173505835&ev=PageView&dl=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&rl=&if=false&ts=1669937427849&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669937427848.1694929945&it=1669937427204&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 01 Dec 2022 23:30:29 GMT
X-Firefox-Spdy: h2

logx.optimizely.com/v1/events

54.204.183.102

204 No Content

0 B

URL HTTP/1.1
logx.optimizely.com/v1/events
IP
54.204.183.102:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 972
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:29 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 0a360b13-02df-4384-90e6-55a3949ca7a8
Connection: keep-alive

api.amplitude.com/

54.70.168.241

200 OK

7 B

URL HTTP/2
api.amplitude.com/
IP
54.70.168.241:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

HTTP Headers

POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 994
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:29 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63893915-0259882659c51be51de437f3
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fdd0307cc59c5df72c4b144e537a3247
4e33f616cdde03d5dc402e346b8893ef9ffc3869
452cc67790351f4ff9d0f709fec8888ad4aef24686b547eab246709a050764de

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107236
Date: Thu, 01 Dec 2022 23:30:29 GMT
Etag: "63882b3e-1d7"
Expires: Sat, 03 Dec 2022 05:17:45 GMT
Last-Modified: Thu, 01 Dec 2022 04:19:10 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: trXtdzCb2ja88CBkajbr4OxYlJZBxM9172nCeUpmHJb7moOzHApxdw==
Age: 3515

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fdd0307cc59c5df72c4b144e537a3247
4e33f616cdde03d5dc402e346b8893ef9ffc3869
452cc67790351f4ff9d0f709fec8888ad4aef24686b547eab246709a050764de

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107227
Date: Thu, 01 Dec 2022 23:30:29 GMT
Etag: "63882b3e-1d7"
Expires: Sat, 03 Dec 2022 05:17:36 GMT
Last-Modified: Thu, 01 Dec 2022 04:19:10 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eYPFt2-cvgP30oWKbu_psGWlLKaOxPJLytTbieQISey9nN2qxeYMbQ==
Age: 3506

shopper.shop.pe/input.js

35.190.54.17

200 OK

8.9 kB

URL HTTP/2
shopper.shop.pe/input.js
IP
35.190.54.17:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (17023)
Size
8.9 kB (8877 bytes)
Hash
277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e

HTTP Headers

GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtkvZFzXp3afxwgHVUwSTc-_vRD0CN_ylP7rxbuebQ8OtaM0P0yUpiy8N5q_Iz7y7xLEWlQhLxcs_ugYLmmemdsF_WB3wYZ
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 01 Dec 2022 22:46:41 GMT
expires: Fri, 02 Dec 2022 02:46:41 GMT
cache-control: public, max-age=14400
age: 2629
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

errors.client.optimizely.com/log

3.223.219.224

200 OK

13 B

URL HTTP/1.1
errors.client.optimizely.com/log
IP
3.223.219.224:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

HTTP Headers

OPTIONS /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://id.nugs.net/
Origin: https://id.nugs.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:30 GMT
Content-Length: 13
Connection: keep-alive

errors.client.optimizely.com/log

3.223.219.224

204 No Content

0 B

URL HTTP/1.1
errors.client.optimizely.com/log
IP
3.223.219.224:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 330
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Expose-Headers: 
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:30 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
160166b6df71f2dec5feee1a59a61972
4b159f7394a5d635115ca4dd2ed100c440f2b4ed
0c1d45f5508eb5789f0bfc223663fb29922c59075fde9905c1da49a08228bdbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141489
Date: Thu, 01 Dec 2022 23:30:30 GMT
Etag: "6388b0d1-1d7"
Expires: Sat, 03 Dec 2022 14:48:39 GMT
Last-Modified: Thu, 01 Dec 2022 13:49:05 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oEB3BQSbDrJNB2lSDqprRDe10AbcqVYKgFbVzAlZJwiwX0HWPsUrmg==
Age: 3574

addshoppers.s3.amazonaws.com/customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918

52.216.130.243

200 OK

143 B

URL HTTP/1.1
addshoppers.s3.amazonaws.com/customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918
IP
52.216.130.243:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
143 B (143 bytes)
Hash
85cd2887a926a337fb29caef3e31fb84
001433f0a5cc022420eb291a737d6a94e8f05ebd
bcc8cd25c2655db8fde84c809924dbf3f7effffe1388c8d8b22c0d6f49fafaa3

HTTP Headers

GET /customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: jPErsk5yEoHS7XFxZ64VANqX0Ek/SkqmbB14DNXoH9m0+COmHfWAEAhqEhuc4ely3LG2XzfoML0=
x-amz-request-id: RYY3SNXJAWB5CEZN
Date: Thu, 01 Dec 2022 23:30:31 GMT
Last-Modified: Mon, 14 Nov 2022 14:25:19 GMT
ETag: "85cd2887a926a337fb29caef3e31fb84"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: vwnE2YtzrfAv3g6JToz1aNrEydtd8NWD
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 143

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
160166b6df71f2dec5feee1a59a61972
4b159f7394a5d635115ca4dd2ed100c440f2b4ed
0c1d45f5508eb5789f0bfc223663fb29922c59075fde9905c1da49a08228bdbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141489
Date: Thu, 01 Dec 2022 23:30:30 GMT
Etag: "6388b0d1-1d7"
Expires: Sat, 03 Dec 2022 14:48:39 GMT
Last-Modified: Thu, 01 Dec 2022 13:49:05 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QTgwRqYQgzlnVVO4ffUiibvh2wm3-fo-15mWEKqZ7EuyY4AcbBAHrQ==
Age: 3574

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1cfcac8a94979ce4a98c8432df1ad268
7732ce3170e7579f21f8feb78e8c252408d11039
fdb800805131f6fcba9861d59a10460b4fc363cb543110305078d7b40ad72a36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 23:30:30 GMT
Last-Modified: Thu, 01 Dec 2022 21:41:24 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p83DZIEwy6ZCBCGUOizWdGgAZkIz63dtijtvLiB4aPeEE8ydyAX03A==
Age: 6546

addshoppers.s3.amazonaws.com/622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083

52.216.130.243

200 OK

4.4 kB

URL HTTP/1.1
addshoppers.s3.amazonaws.com/622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083
IP
52.216.130.243:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (19075), with no line terminators
Size
4.4 kB (4374 bytes)
Hash
dd2760d1bfced719575de90229b199ce
017cb321aaf016305c0fde832745e0f9f845509f
ad1a3d432db38866ba89bda46cce917fc0afc3ba1aa7f010b28ff75c68cd3051

HTTP Headers

GET /622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Du9kVcjKmnujvURfdYaSmtWdcJS6lP0uND712uxkCDuoBn2Yn1EDfevpK1MacZZIewy+V7o29eY=
x-amz-request-id: RYY2JG65N986F14C
Date: Thu, 01 Dec 2022 23:30:31 GMT
Last-Modified: Fri, 22 Apr 2022 17:04:44 GMT
ETag: "dd2760d1bfced719575de90229b199ce"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: Sqti0Noo2kgup6_8ZHVxGpDv22S.SMws
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 4374

action.media6degrees.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined

104.18.22.234

200 OK

441 B

URL HTTP/2
action.media6degrees.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
IP
104.18.22.234:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
441 B (441 bytes)
Hash
acba3436cd61d453594215060602c3ae
3ae9e3556501f195717fbb8e4902da36e1341c17
82b45e0bb3c600f684e71ea49333216103c55d71e12bfc5e41c568c0de1c5991

HTTP Headers

GET /orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined HTTP/1.1
Host: action.media6degrees.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.nugs.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:29 GMT
content-type: text/html;charset=ISO-8859-1
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
content-language: en-US
set-cookie: JSESSIONID=2BB3F21395FB625BCBF32DD984C08B62; Path=/orbserv/; HttpOnly
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c634cc5fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjIyMTA3Y2Y3M2VmYzM2NDY5NTljMGQwIiwic2Vzc2lvbl9pZCI6IjcxN2JiNmViZWUyZTQ0YjE5MGU2ZjI5MTEzNTk1MTcwIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9

35.190.54.17

200 OK

609 B

URL HTTP/2
shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjIyMTA3Y2Y3M2VmYzM2NDY5NTljMGQwIiwic2Vzc2lvbl9pZCI6IjcxN2JiNmViZWUyZTQ0YjE5MGU2ZjI5MTEzNTk1MTcwIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
IP
35.190.54.17:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
609 B (609 bytes)
Hash
6802175f61adc40617e8ba87a30aa6bd
14c099df9dae2f8586dd5f38f7afd9b3d2e277e5
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

HTTP Headers

GET /pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjIyMTA3Y2Y3M2VmYzM2NDY5NTljMGQwIiwic2Vzc2lvbl9pZCI6IjcxN2JiNmViZWUyZTQ0YjE5MGU2ZjI5MTEzNTk1MTcwIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9 HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdv_mAL0PlOIqRhC3KQD35kgNLE6ZTcJuGqaZG8nWZQAlbn54hGYOLfGJlXUqJ4z_5RlF1s9C5iPcZtBLj5YoJMlbo5ZBb6z
x-goog-generation: 1505923927946539
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 609
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 609
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 01 Dec 2022 23:22:36 GMT
expires: Fri, 02 Dec 2022 00:22:36 GMT
cache-control: public, max-age=3600
age: 474
last-modified: Wed, 20 Sep 2017 16:12:07 GMT
etag: "6802175f61adc40617e8ba87a30aa6bd"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

logx.optimizely.com/v1/events

54.204.183.102

204 No Content

0 B

URL HTTP/1.1
logx.optimizely.com/v1/events
IP
54.204.183.102:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 920
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:30 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 1d456e03-840f-447a-9e53-cb55fadfb2ac
Connection: keep-alive

cdn.nytrng.com/pl.2.2.min.js

143.204.55.58

200 OK

0 B

URL HTTP/2
cdn.nytrng.com/pl.2.2.min.js
IP
143.204.55.58:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Sat, 12 Nov 2022 07:11:14 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bsXa99Y-uJ3mfZ_paJGhHRChZOVvCGtNjGheB1LdFdb-NnT6VmrKGw==
age: 1700357
X-Firefox-Spdy: h2

gs.mountain.com/gs

34.212.4.35

200 OK

144 B

URL HTTP/1.1
gs.mountain.com/gs
IP
34.212.4.35:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
81e7a052c55cd9c1af87900fcf78553c
51106442f3c545aa7d3def01d8a7aea86ae15faa
f936163de4114c0889ed50e02c614bbe3b30db0e561f1106ce039c9feb87c6c0

HTTP Headers

GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Cookie: guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
ec5bfaa25659d12bfeecd675987bfafa
f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7
0ee92861f9cdfdcc39a73916baaa2462277559e3045151ceed520efca3d1bc86

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 21:31:06 GMT
ETag: "f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7"
Last-Modified: Thu, 01 Dec 2022 21:31:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f9c760e5eb515-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
ec5bfaa25659d12bfeecd675987bfafa
f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7
0ee92861f9cdfdcc39a73916baaa2462277559e3045151ceed520efca3d1bc86

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 21:31:06 GMT
ETag: "f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7"
Last-Modified: Thu, 01 Dec 2022 21:31:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f9c761e6bb515-OSL

match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=24d88827-71d0-11ed-a2a7-e7186f7ba26f&gdpr=&gdpr_consent=

3.33.220.150

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=24d88827-71d0-11ed-a2a7-e7186f7ba26f&gdpr=&gdpr_consent=
IP
3.33.220.150:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=24d88827-71d0-11ed-a2a7-e7186f7ba26f&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:32 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

dx.mountain.com/spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value

54.190.217.118

200

0 B

URL HTTP/1.1
dx.mountain.com/spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value
IP
54.190.217.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 01 Dec 2022 23:30:27 GMT
connection: close

action.dstillery.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined

104.18.22.234

302 Found

0 B

URL HTTP/2
action.dstillery.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
IP
104.18.22.234:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:30:28 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c609b43fac4-OSL
X-Firefox-Spdy: h2

px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108

35.85.106.161

200 OK

0 B

URL HTTP/1.1
px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108
IP
35.85.106.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Cookie: guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:31 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWMjYyNzSPN7IwtlCyMjQzs7Q0NjcxNrQwNNZR8guKh8qaWxorWRnoKJUpWRkhi4N1GdQCAKl0lYdGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzI3MTc6MTY2OTkzNzQzMQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close

px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue

35.85.106.161

200 OK

0 B

URL HTTP/1.1
px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue
IP
35.85.106.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:30 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close

www.nugs.net/stash/

104.16.165.17

302 Found

0 B

URL HTTP/2
www.nugs.net/stash/
IP
104.16.165.17:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stash/ HTTP/1.1
Host: www.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:30:26 GMT
content-type: text/html;charset=UTF-8
location: https://www.nugs.net/login/?original=%2Fstash%2F
accept-ranges: bytes
set-cookie: dwac_9133d427c5c7360fa92e3d39f2=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE%3D|dw-only|||USD|false|US%2FPacific|true; Path=/; Secure; SameSite=None
cqcid=abOQDd1qQjOquD0sDnQ1NNPnIn; Path=/; Secure; SameSite=None
cquid=||; Path=/; Secure; SameSite=None
sid=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE; Path=/; Secure; SameSite=None
dwanonymous_e08898a5baf36d7bf8eac33b900a38fb=abOQDd1qQjOquD0sDnQ1NNPnIn; Version=1; Comment="Demandware anonymous cookie for site Sites-NugsNet-Site"; Max-Age=15552000; Expires=Tue, 30-May-2023 23:30:26 GMT; Path=/; Secure; SameSite=None
__cq_dnt=0; Path=/; Secure; SameSite=None
dw_dnt=0; Path=/; Secure; SameSite=None
dwsid=3JiaS5xVcFAKJgEzDCUSew1_SuGe-wtfMsaz0-dRqPywbVZMjrr7VOAjY32SCFEev-Giv7fWhyesjcEgbvZz8w==; path=/; HttpOnly; Secure; SameSite=None
x-dw-request-base-id: L-ffSBI5iWMBAAB_
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c4f1f4f1c06-OSL
X-Firefox-Spdy: h2

www.nugs.net/login/?original=%2Fstash%2F

104.16.165.17

302 Found

0 B

URL HTTP/2
www.nugs.net/login/?original=%2Fstash%2F
IP
104.16.165.17:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login/?original=%2Fstash%2F HTTP/1.1
Host: www.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dwac_9133d427c5c7360fa92e3d39f2=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=abOQDd1qQjOquD0sDnQ1NNPnIn; cquid=||; sid=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE; dwanonymous_e08898a5baf36d7bf8eac33b900a38fb=abOQDd1qQjOquD0sDnQ1NNPnIn; __cq_dnt=0; dw_dnt=0; dwsid=3JiaS5xVcFAKJgEzDCUSew1_SuGe-wtfMsaz0-dRqPywbVZMjrr7VOAjY32SCFEev-Giv7fWhyesjcEgbvZz8w==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:30:26 GMT
content-type: text/html;charset=UTF-8
location: https://id.nugs.net/connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286
accept-ranges: bytes
x-dw-request-base-id: L-fhSBI5iWMBAAB_
set-cookie: __cq_dnt=0; Path=/; Secure; SameSite=None
dw_dnt=0; Path=/; Secure; SameSite=None
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c5248d31c06-OSL
X-Firefox-Spdy: h2

public.profitwell.com/js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b

54.230.111.96

200 OK

0 B

URL HTTP/2
public.profitwell.com/js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b
IP
54.230.111.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b HTTP/1.1
Host: public.profitwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Dec 2022 04:29:46 GMT
cache-control: public,max-age=86400
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: etsSmzsx36jCO-w0C9e_lVRBZ-KXsw688FyWt1KZxEVb5Uqofczq_Q==
age: 68443
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (50)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations