2nu.gs/stash
67.199.248.12302 Found 114 B IP 67.199.248.12:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d10a0ac57ca9a806d62f85f5a7dfd5fc
6012311412062147b565cfd066a199df7d9c5e63
3ea8115f3f463ad3be394685c7c66b30d9dc8864cf994bc7da97fe80e185b932
GET /stash HTTP/1.1
Host: 2nu.gs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 23:30:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 114
Cache-Control: private, max-age=90
Content-Security-Policy: referrer always;
Location: https://www.nugs.net/stash/
Referrer-Policy: unsafe-url
Set-Cookie: _bit=mb1nup-a7e301ad15110b20c1-00X; Domain=2nu.gs; Expires=Tue, 30 May 2023 23:30:25 GMT
Strict-Transport-Security: max-age=1209600
Via: 1.1 google
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5074
Expires: Fri, 02 Dec 2022 00:54:59 GMT
Date: Thu, 01 Dec 2022 23:30:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3511
Cache-Control: max-age=129558
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:25 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:29:43 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8598
Expires: Fri, 02 Dec 2022 01:53:43 GMT
Date: Thu, 01 Dec 2022 23:30:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 23:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 735
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1Cd1qUSfp6zQLX8F5nQozJoDcapubJSLYBIeW63/+jcTM9dEdAhahQyzSQH0/Uph7NoQ60CX2R8=
x-amz-request-id: 52CPJD7CZ0Q1NNJ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 22:45:50 GMT
age: 2675
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 23:30:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 59a48c1670241cfaa6337887e5a29f8b
a61e30e4933a489885a77bf892f295bbe071fc6f
19817f120365cae6c1e3c9c50ea054a68a7f29b6c491a0257a208aed7c43449b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 23:30:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:03:45 GMT
Expires: Fri, 02 Dec 2022 20:03:45 GMT
ETag: "a61e30e4933a489885a77bf892f295bbe071fc6f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 1289
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3505
Cache-Control: max-age=124488
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:26 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:05:14 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.173.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +gqaB81SrGTptA4uX9Gvlw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RWkp2P3j73tp0TtusKQH+F+S+ss=
id.nugs.net/connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286
20.49.97.21302 Found 0 B URL HTTP/1.1 id.nugs.net/connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Content-Length: 0
Date: Thu, 01 Dec 2022 23:30:26 GMT
Server: Microsoft-IIS/10.0
Location: https://id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
20.49.97.21200 OK 4.1 kB URL HTTP/1.1 id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (539)
Hash 62f2e31890b9bba0c97f24e36cbe1e99
97c7cf7911522b28f6be16e6d5fc9dae71fe869a
8eda74bd0e495f7d959e1a8d320b02df475c28b4c73cd4199558e7b4eca420e6
GET /account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 23:30:26 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Pragma: no-cache
Set-Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; path=/; samesite=strict; httponly
.AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2f1d1e0007d1ba038ac919cc334dca7d
4f3c8cf53099b4a2844ce33d927d2f637d568ff0
d34a6d2d4672091f991673b5cf5e89dd224ff90ff20360db8493241ad1e31fde
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: max-age=116907
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Etag: "63885149-117"
Expires: Sat, 03 Dec 2022 07:58:54 GMT
Last-Modified: Thu, 01 Dec 2022 07:01:29 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 638a4990025383a0f83ebf29bdb84a68
153e8818dc42f598e47fde8cf398f1447649a4d0
878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3104451
expires: Tue, 21 Nov 2023 23:30:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f60Xn8RA7iWW1YILwd4tu1lmw%2BI0gHGXkga3BZiQNe2N8CMWJfdT48yGJ0e86iESTYb3zfLTE41NuOTrQhlbevAh9m489VPJKJ2HFZPDwTYvJf4%2FN4eRnWnM6oYL5rMcYLximt9I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772f9c59be21b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js
104.17.24.14200 OK 1.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (5607), with CRLF line terminators
Hash 74f2782da27b2fc1635941a39a5a859e
eb58c162c765d0905f3bd3e73c901db671939881
558b2a8778c3356150521ff276c329887f24dfad16461da991fa8b7d6df0b742
GET /ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 1947
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-16ef"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1840939
expires: Tue, 21 Nov 2023 23:30:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clZwxTbUaiB6gg9guU0HcjqN8xVVFzei8rPRtReLIWCFeksGA8H9uXvaC9uuChLxGASCqyNe%2BjkP%2FT9YCrUlY%2BZEH9PPXhOQm%2FG8JZVmsbEWykFBJ6mTNK%2BvxJXJ87%2B5eH68Gqm4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772f9c59be23b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
104.17.24.14200 OK 6.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (24237)
Hash b1e2dc68243b810ee78fd1669609bafd
cc50ce023a61f353ed284f0b320ff67191264ff7
21913cb0aebf31a225870b0baf58d04c077454d72a40c2061a415e4a297f59c0
GET /ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 6929
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-5f38"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 23010
expires: Tue, 21 Nov 2023 23:30:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJR4eSPr8MXJ6xw6LpG%2B667Io1X9cP7NM1PpvxXcm0QzqbFGxqwI5LEjTC6lb47DviwpV5hDFRl%2BKZT997Rrbjc7KE%2Fm0ib7J3Y7rNkdsDt4N1sg8ah6tRqDXEwS4YNphJUisusO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772f9c59ce25b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2f1d1e0007d1ba038ac919cc334dca7d
4f3c8cf53099b4a2844ce33d927d2f637d568ff0
d34a6d2d4672091f991673b5cf5e89dd224ff90ff20360db8493241ad1e31fde
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: max-age=116907
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Etag: "63885149-117"
Expires: Sat, 03 Dec 2022 07:58:54 GMT
Last-Modified: Thu, 01 Dec 2022 07:01:29 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
20.49.97.21200 OK 2.8 kB URL HTTP/1.1 id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 266a169dcd16aeac6eb9d2eda3574797
53fb0fe1fc7b39f7e648ef6387ec1b17d3e069ff
eabc9182fc6e26fa6cd0a55712ce613f02906f1ada511f17eb0dfd4e57d87173
GET /css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8f5109675a37f"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
cdn.optimizely.com/js/20105345443.js
23.38.200.155200 OK 95 kB URL HTTP/2 cdn.optimizely.com/js/20105345443.js
IP 23.38.200.155:0
File type ASCII text, with very long lines (65468)
Hash e90ebeb8d25565f0bdfda4abc4b1f5c2
cfe2cb8025887db2e46414afa047ddf5801813a4
100e0dd4b1d90559d9e93c19f3eab8264331fff6b64e270e98beb7ceb63bca33
GET /js/20105345443.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WTtHWsOtRISvwgUSslMJzHQ7oWFXUQlPdUJUYiMr+WqMMNdXBbeBSGvpZoOX3eVTNVb7rYBK1Cw=
x-amz-request-id: 6RXHR58KNQVRYPMR
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 15:53:11 GMT
etag: "e90ebeb8d25565f0bdfda4abc4b1f5c2"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 934
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: erDNigsu5n2Hbh9CBfRUo3EDLPEAjhGi
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 95345
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 01 Dec 2022 23:30:27 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:30:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 4891
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16a112f00456d38c4c9e051ccf40e105
8fe32fffe672f0e91ce773af0e4be960f55bad08
43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: npt-A-TEzjd-QRTVhv5FMJhwlYujCRCF7tyYbathxjCdCFFEwh_vEQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:59:42 GMT
age: 66645
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
104.18.10.207200 OK 30 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65324)
Hash 17653076f083d1fcb1d05af910d9f94c
218fbab106de47c4153c12bc89d2adaab1e3a2b9
966353fbd61dfbee67ff809d24c93a77fbd6b0a055c3294b4c1b9f241c4d5a91
GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 2021-06-08 14:20:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 1ecf5737ec240277d3bc1fc3406bd1fe
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 16152980
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 772f9c59cbda0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 3437
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 6940
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 4221
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WPL3GVV
142.250.74.168200 OK 107 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WPL3GVV
IP 142.250.74.168:0
File type ASCII text, with very long lines (52242)
Size 107 kB (107152 bytes)
Hash e9d120045ded91e82133c829ccf893db
3f5d6390eede1650c4c3bd8fbdb33c6d70a4ca66
a23d0a55caf89c828b14b03a572ccc2ced0e378af26be7bdd4da5465cf5de9d7
GET /gtm.js?id=GTM-WPL3GVV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 23:30:27 GMT
expires: Thu, 01 Dec 2022 23:30:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 22:13:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id.nugs.net/fonts/Metropolis-Bold.woff2
20.49.97.21200 OK 26 kB URL HTTP/1.1 id.nugs.net/fonts/Metropolis-Bold.woff2
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), CFF, length 26428, version 11.0\012- data
Hash dc6926c36da3e0c92f173fde539a9fdc
7df32375dfbc1955dd873e44bfc4bfd585f13779
9a712a2c31daff2a307d935ebea4ac29bad1a93a75349e0edec1d3eb42f1d2eb
GET /fonts/Metropolis-Bold.woff2 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 26428
Content-Type: font/woff2
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675f13c"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
a20105345443.cdn.optimizely.com/client_storage/a20105345443.html
104.110.8.48200 OK 785 B URL HTTP/2 a20105345443.cdn.optimizely.com/client_storage/a20105345443.html
IP 104.110.8.48:0
File type HTML document, ASCII text, with very long lines (1371)
Hash 5f387893e771aaa86ddcca00c72fb349
10ff789f95d7a2797f8331be6f1282bfc0d98023
ee6ae23677a37ae3490a33fa369dd5cca60f8de4d999b0ea71f967feb7dabff1
GET /client_storage/a20105345443.html HTTP/1.1
Host: a20105345443.cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KFyjgxmZHvIWjuwnfo1ZcCvGLfIOwjdbr6TTtSPOMVSFn0Fc4DrNeRgYvuW1/xoUrkpFjqjI5lg=
x-amz-request-id: 4BME587VB6VWG49H
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 15:54:04 GMT
etag: "5f387893e771aaa86ddcca00c72fb349"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: gV9u7JztHuCMNjXcoyKWT1h58q2uGsPl
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 785
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 01 Dec 2022 23:30:28 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
status.rapidssl.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a3bf956d18db39f24a7c02c8e45fcc64
ebe09f34c7c24af2a726828827671da9d97354d8
ec63126bdba7c9407e892f6247639397a5fe9657a5021b107d964d3f2074ca22
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 317
Cache-Control: max-age=100797
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "63881e94-1d7"
Expires: Sat, 03 Dec 2022 03:30:25 GMT
Last-Modified: Thu, 01 Dec 2022 03:25:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 920992c4818e7d17517e3dfef67a22c1
407b7e56fbb4faacca123af367b6cfdf0b7b2d99
527197c1e55e0b319d64e59070906d60084827233a6d7498cf63145ab665c424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upsellit.com/active/nugsnet.jsp
34.117.39.58200 OK 11 kB URL HTTP/2 www.upsellit.com/active/nugsnet.jsp
IP 34.117.39.58:0
File type ASCII text, with very long lines (8683), with CRLF, LF line terminators
Hash 53a32d0e7c4875cfe0fd2169815e57e8
9dccf09234ae63d22760c3df643e8259ed25ba0f
2aef24f895cb1ba6e0b964267bfb9c832ca8c3896977cf0b65b63c30d72dbb0f
GET /active/nugsnet.jsp HTTP/1.1
Host: www.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Thu, 01 Dec 2022 08:19:20 GMT
expires: Fri, 02 Dec 2022 08:19:20 GMT
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1
content-length: 11028
age: 54668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 09ea8683e3db4d772067295ed6d9c834
543239e611ab34fcfef30cdcead7d478d2ce7ee2
0831bcfbbacf2706e748751495c7735d1bda7fceb2e1e8727ce1adc86b8bf53f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "638903c5-2d7"
Last-Modified: Thu, 01 Dec 2022 22:43:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727
11179964.fls.doubleclick.net/activityi;src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286?
142.250.74.38200 OK 443 B URL HTTP/2 11179964.fls.doubleclick.net/activityi;src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (883), with no line terminators
Hash 508834f4a48c59ac38c578c4edde62c6
24748aeb619c14f58f0cb948a7e25c965026a88e
4786c238976b681c69f3f442506b036aceff62f7f3413dba0dc9f4217d555b98
GET /activityi;src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286? HTTP/1.1
Host: 11179964.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 443
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 23:45:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.rapidssl.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a3bf956d18db39f24a7c02c8e45fcc64
ebe09f34c7c24af2a726828827671da9d97354d8
ec63126bdba7c9407e892f6247639397a5fe9657a5021b107d964d3f2074ca22
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1548
Cache-Control: max-age=102028
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "63881e94-1d7"
Expires: Sat, 03 Dec 2022 03:50:56 GMT
Last-Modified: Thu, 01 Dec 2022 03:25:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 920992c4818e7d17517e3dfef67a22c1
407b7e56fbb4faacca123af367b6cfdf0b7b2d99
527197c1e55e0b319d64e59070906d60084827233a6d7498cf63145ab665c424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
container.pepperjam.com/1965331760.js
54.230.111.50200 OK 9.1 kB URL HTTP/2 container.pepperjam.com/1965331760.js
IP 54.230.111.50:0
File type ASCII text, with very long lines (8087)
Hash 28eb02a2d07c40f909871bc9cc263010
94f210cc78ee3c383699fbb17462accc0eb870bc
403435c3ed5ba934b6ae1e897ad60794d3f97b1cf88a086642c08cce7fddca9b
GET /1965331760.js HTTP/1.1
Host: container.pepperjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 9100
x-amz-replication-status: COMPLETED
last-modified: Mon, 28 Jun 2021 22:29:53 GMT
x-amz-version-id: LT7Lolk4YOHliSKUsOKoh2VD2SHrs5QV
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 23:30:28 GMT
cache-control: max-age=900
etag: "28eb02a2d07c40f909871bc9cc263010"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Rbc4U1K54ckp9M0Pu2kKFVFkj_qAA1O3ivGVgTt-i0Xpy8eT8L28A==
age: 275
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id.nugs.net/img/btn-google.svg
20.49.97.21200 OK 1.5 kB URL HTTP/1.1 id.nugs.net/img/btn-google.svg
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (347)
Hash c622e91c4bdc23706bfb0b53dd16195a
6e0ffc1565c71a45fd4fa995f9fa066fe0afc966
8f045c06644169902f019a4e6ca307c193a82a949c32c40dc1269ea233a56f3d
GET /img/btn-google.svg HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1505
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f510967593e1"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
id.nugs.net/img/btn-apple-black.svg
20.49.97.21200 OK 1.4 kB URL HTTP/1.1 id.nugs.net/img/btn-apple-black.svg
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1260)
Hash 7b650fe1fc2ed1ac01dc89e9704be866
9bdd2bc38a4f995bf3432681316005c1ff63bb82
d37196a1cfb3421798eb8be2c43607c10bbad42714023ac1df6077baa2755afb
GET /img/btn-apple-black.svg HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1384
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f51096759368"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
adservice.google.com/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286
142.250.74.130200 OK 445 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (882), with no line terminators
Hash 7c85acf5c2c7cdb32d8631d019be6deb
f2d368278a277fca2034f2c78c491d47a193ad2a
af010dd7a89f5e00c7ce803bfec366c61e874b8aae2f52bf3bb61483a7996cc8
GET /ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11179964.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id.nugs.net/img/btn-facebook-white.svg
20.49.97.21200 OK 677 B URL HTTP/1.1 id.nugs.net/img/btn-facebook-white.svg
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (403)
Hash 66010609d6062d70fd119c0e2b77d21f
debd99a05a6e438e9b8c996282e287dc6496914d
7ad7f3ece770f68d920521d7876efa8d144199d931f67c193a45065825a32813
GET /img/btn-facebook-white.svg HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 677
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f510967594a5"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 23:30:28 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 09ea8683e3db4d772067295ed6d9c834
543239e611ab34fcfef30cdcead7d478d2ce7ee2
0831bcfbbacf2706e748751495c7735d1bda7fceb2e1e8727ce1adc86b8bf53f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "638903c5-2d7"
Last-Modified: Thu, 01 Dec 2022 22:43:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id.nugs.net/fonts/Metropolis-Light.woff2
20.49.97.21200 OK 26 kB URL HTTP/1.1 id.nugs.net/fonts/Metropolis-Light.woff2
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), CFF, length 25912, version 11.0\012- data
Hash f193bc290b53e92268366b8d89e31e66
a37841b49a2508ec01b7e831830d1a7e17303c8f
3664cf60656a87a7e1bf1d1e98cfe7e83d01a00133508251757fdbd1b9128d3a
GET /fonts/Metropolis-Light.woff2 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 25912
Content-Type: font/woff2
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675f338"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
id.nugs.net/fonts/Metropolis-Regular.woff2
20.49.97.21200 OK 24 kB URL HTTP/1.1 id.nugs.net/fonts/Metropolis-Regular.woff2
IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), CFF, length 24152, version 11.0\012- data
Hash 7b9a798c0a745aa9b5fec632bfccaad7
48bb4cb0a99bbab907487213c3beb4211a2f5427
e920e6b0e7987aceb8df32656d01d44057e2c08646716202d594e06b5010ae70
GET /fonts/Metropolis-Regular.woff2 HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://id.nugs.net/css/site.css?v=0WAs7xR2lr3GC-blgeRCsQVcDoI3Q27DwoWfaSYfCtk
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 24152
Content-Type: font/woff2
Date: Thu, 01 Dec 2022 23:30:27 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675c858"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286
142.250.74.98200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11179964;type=freet0;cat=pagev0;ord=6058467509855;gtm=2wgbu0;auiddc=1164324903.1669937426;~oref=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
expires: Thu, 01 Dec 2022 23:30:28 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash e2a1671bcf52ee924d5b1a78374cea7e
fe03277189efedc6a7f6c733b430550061e9d036
937dc2c0054454f3cc12297ba542311d918bc3605039a0bbace1c79c0b973286
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 23:30:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 22:14:25 GMT
Expires: Fri, 02 Dec 2022 22:14:25 GMT
ETag: "fe03277189efedc6a7f6c733b430550061e9d036"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7b3adc27ee30eab3059de85690badfe9
eb276b7e511c37fdc3f93f4f6bcbbecd3c49273a
bc46c46178bad6aa8d1964c29f53be2223dc3fc8041303a646df2e8222224ae6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 23:37:31 GMT
Expires: Tue, 06 Dec 2022 23:37:30 GMT
Etag: "eb276b7e511c37fdc3f93f4f6bcbbecd3c49273a"
Cache-Control: max-age=431821,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f9c5dfcfcb527-OSL
cdn.amplitude.com/libs/amplitude-8.3.0-min.gz.js
54.230.245.209200 OK 22 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.3.0-min.gz.js
IP 54.230.245.209:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a20730278e9e77196588a060ee851250
6807b9584fb144f466d95259f9dd2d68f0793dfc
3db06c33e72522ad95b8a6301b4395968d0c26ebca98d8a09424f95c1500311c
GET /libs/amplitude-8.3.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21502
date: Mon, 06 Jun 2022 04:03:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 26 May 2021 21:27:28 GMT
etag: "a20730278e9e77196588a060ee851250"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: Fm5nJPZoG_bv_LRUhAxwaRJUULlHf3ar
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5X8RUsRdJNxiBynw1yO9Gy1CQOAdK4grfin3T3vs9FjDtC6WBNNsWw==
age: 15449221
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.91200 OK 905 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.91:0
File type ASCII text, with very long lines (559)
Hash 8f9a4e574f11ca1ea10db98fd6687660
24524c8493f0ca5573f353600dd66ba22406cd9c
f16fda04be22fc56edd4df978a54704d27b942f694ba82fab5a7d3b1c13428b8
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 23:11:30 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nEUPlLEt__y8n5EkQ0qU30roq2eU_ras5zy9MiuW_UB60J9SfD6lkg==
age: 1146
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 22:41:08 GMT
expires: Fri, 02 Dec 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 2960
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4
142.250.74.130200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2653), with no line terminators
Hash e0f492d58cb53688adf7c4ddd5495e56
b9b1df02758db33cc823cbb62711272eb264beca
502d6b2bcc8d57748138149a75707008e5ba83deed9b4231f2839a54a5c71016
GET /pagead/viewthroughconversion/814607108/?random=1669937426479&cv=11&fst=1669937426479&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&auid=1164324903.1669937426&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1069
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 23:45:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a48642d82eee3c432a3f38879f9541b
f53e46a8406bbad51319826db59b6c265622241f
33a0510300258746dda57d56cf6fec74147cd138f7bae2c609d0976841fc3adc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=90385
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "6387ea8d-1d7"
Expires: Sat, 03 Dec 2022 00:36:53 GMT
Last-Modified: Wed, 30 Nov 2022 23:43:09 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
id.nugs.net/favicon.ico
20.49.97.21200 OK 1.2 kB IP 20.49.97.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 93e3e8957c0374c9c1c0d2e8a3e4d9f4
ab5bb19911212eaa6be5af3ddac4552b5a4f049a
8caf6476ad4bfe1ae426cc23b865d7aebfc0c8967e7f199080040573b08c5975
GET /favicon.ico HTTP/1.1
Host: id.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D3TwoVlLAUFrJX33n3HSCSO%26redirect_uri%3Dhttps%253A%252F%252Fwww.nugs.net%252Fon%252Fdemandware.store%252FSites-NugsNet-Site%252Fdefault%252FLogin-OAuthReentry%26response_type%3Dcode%26scope%3Doffline_access%2520nugsnet%253Aapi%2520nugsnet%253Alegacyapi%2520openid%2520profile%2520email%26state%3D2020360286
Cookie: .AspNetCore.Antiforgery.9fXoN5jHCXs=CfDJ8L3EZuEAcK9HoQaPSwPyjxdWO4I4iKetIVYOVerNJBYhieq4VcjvrHdnm939WS24GWm3_geVh1gZf18xlMvh657mS9kED-Je-Ek-85KPxvzC04105CyZRnmLeXCLSvyu9QkkZA5-0RdsqEX0b1bougk; optimizelyEndUserId=oeu1669937426162r0.6592618305477232; _gcl_au=1.1.1164324903.1669937426
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1150
Content-Type: image/x-icon
Date: Thu, 01 Dec 2022 23:30:28 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8f5109675927e"
Last-Modified: Thu, 10 Nov 2022 14:27:40 GMT
Request-Context: appId=cid-v1:5df72e50-8d95-46ca-a34b-8f398655e201
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.240.1200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: uhlnjhK6cSe0cwTTNOy1iU5zyL3ZInohfrQyneuacLeIK8OePa6YkHxQAEjX8JYlaqO8EE3zWqd3Oc9HNtfH6w==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 01 Dec 2022 23:30:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a48642d82eee3c432a3f38879f9541b
f53e46a8406bbad51319826db59b6c265622241f
33a0510300258746dda57d56cf6fec74147cd138f7bae2c609d0976841fc3adc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=90385
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:28 GMT
Etag: "6387ea8d-1d7"
Expires: Sat, 03 Dec 2022 00:36:53 GMT
Last-Modified: Wed, 30 Nov 2022 23:43:09 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
static.hotjar.com/c/hotjar-3013110.js?sv=7
143.204.55.84200 OK 3.9 kB URL HTTP/2 static.hotjar.com/c/hotjar-3013110.js?sv=7
IP 143.204.55.84:0
File type ASCII text, with very long lines (5909)
Hash 686583a530dd2d0cc0c8a514585d4cf2
cfbe87dc4a1b488953c3473243a29c5d44a87292
4914ff826e52014c53846e2e7e4715d4562b9cd5e5bca0d1a25005129e6e8ac6
GET /c/hotjar-3013110.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 01 Dec 2022 23:30:28 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/7e045a38874ae513dd2b6b74b1ebed38
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zSbdYItuVdK1ODQ0CIIdDAw7psvXcd5scmJjZWFtx7R2ZZQ7LGYMlw==
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
143.204.55.91200 OK 3.8 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP 143.204.55.91:0
File type ASCII text, with very long lines (583)
Hash 6f8d2d39d5726872bebba803a41bb024
2b7c6aa4941537ae52e1f32bfe642dfd440f5cbc
1de43985c42cfd2c6d39a3b7b30957bc1dde1208bd5bbbc94695d4c357383a01
GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Tue, 15 Nov 2022 21:40:34 GMT
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
etag: "6f8d2d39d5726872bebba803a41bb024"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548367.68
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZEoYVFNHXXJVU6eSBj5sgjr_fou_z41vHZbraTKXYC2GRWJTp3UYUg==
age: 1388996
X-Firefox-Spdy: h2
script.hotjar.com/modules.90de377b639fd5b933d2.js
143.204.55.68200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.90de377b639fd5b933d2.js
IP 143.204.55.68:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PAF7KZAQ9nDpAYjGXOaXzbwDD9LlbwqGySnoTVreZ3AWbOR6-tqfHw==
age: 35603
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/814607108/?random=1669937426479&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&tiba=Login%20%7C%20nugs.net&fmt=3&is_vtc=1&random=2867843829&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 23:30:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
143.204.55.91200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP 143.204.55.91:0
File type ASCII text, with very long lines (778)
Hash db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f
GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E7orOIpUa71kVglvPgbF2plxoIHmisVfnUdbO-lPaLBZLBaf-hxLYw==
age: 1388997
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ea4c0e0ab811f65f5ff773ec687c7f6b
8fd72e42a6212a5f7d45e369134751bba7219f62
12207bb36053632d9a01d5afbe2e448c3845fbad88954b3ba631d362cc065df9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 02:54:24 GMT
Expires: Wed, 07 Dec 2022 02:54:23 GMT
Etag: "8fd72e42a6212a5f7d45e369134751bba7219f62"
Cache-Control: max-age=443633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f9c648c1db527-OSL
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21272837-8&cid=2127707211.1669937427&jid=1359982208&gjid=656679272&_gid=1604399674.1669937427&_u=YEBAAUAAAAAAACAFK~&z=350049764
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21272837-8&cid=2127707211.1669937427&jid=1359982208&gjid=656679272&_gid=1604399674.1669937427&_u=YEBAAUAAAAAAACAFK~&z=350049764
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21272837-8&cid=2127707211.1669937427&jid=1359982208&gjid=656679272&_gid=1604399674.1669937427&_u=YEBAAUAAAAAAACAFK~&z=350049764 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://id.nugs.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 23:30:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/3013110?s=0.25&r=0.11341907818959851
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/3013110?s=0.25&r=0.11341907818959851
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/3013110?s=0.25&r=0.11341907818959851 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Thu, 01 Dec 2022 23:30:29 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bq4wAGhBizmzvVI6hTxgQ5BdqgiJfuaI7iIJ0rxBNPb18hpW5evCzQ==
X-Firefox-Spdy: h2
44.238.122.172/is
44.238.122.172200 OK 32 B IP 44.238.122.172:0
File type ASCII text, with no line terminators
Hash c80c42a604e86e3337ee764894269fa6
2afb86cf507db8cb64ce8091bbac0ff934ebb4b0
2bfc5872d3ef7afb8ce9a4b9e3c0ecb176d318aaad677220ff757b986a641262
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 44.238.122.172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.nugs.net/
Origin: https://id.nugs.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash ddbe7e223cebe9b4cee9b18bf83c169e
ebb7ff47ccb3f7f73e685b3c302fbc0118060bd5
c298452882eacc78e6a1a6706c6e00af8becadf5da38d5d02dc19a860c75a35c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 23:30:29 GMT
Last-Modified: Thu, 01 Dec 2022 22:32:06 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6_8QAMli4S-nyEpLkr5VdopZvVOU2aRvXAZjummB_MxwYh5Tmo81og==
Age: 3503
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f15e471c24424484b2bebcd675bd294c
78fbec83f71c32557a78b0e09df2888e77155eed
955e56f58c5c1d1fb224cc75775957a49e5bc8328d22219031d9bbc1191f8af0
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 03:38:20 GMT
Expires: Wed, 07 Dec 2022 03:38:19 GMT
Etag: "78fbec83f71c32557a78b0e09df2888e77155eed"
Cache-Control: max-age=602536,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1091
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f9c674e68b4e8-OSL
www.facebook.com/tr/?id=584020173505835&ev=PageView&dl=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&rl=&if=false&ts=1669937427849&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669937427848.1694929945&it=1669937427204&coo=false&rqm=GET
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=584020173505835&ev=PageView&dl=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&rl=&if=false&ts=1669937427849&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669937427848.1694929945&it=1669937427204&coo=false&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=584020173505835&ev=PageView&dl=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&rl=&if=false&ts=1669937427849&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669937427848.1694929945&it=1669937427204&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 01 Dec 2022 23:30:29 GMT
X-Firefox-Spdy: h2
logx.optimizely.com/v1/events
54.204.183.102204 No Content 0 B URL HTTP/1.1 logx.optimizely.com/v1/events
IP 54.204.183.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 972
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:29 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 0a360b13-02df-4384-90e6-55a3949ca7a8
Connection: keep-alive
api.amplitude.com/
54.70.168.241200 OK 7 B IP 54.70.168.241:0
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 994
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:29 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63893915-0259882659c51be51de437f3
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash fdd0307cc59c5df72c4b144e537a3247
4e33f616cdde03d5dc402e346b8893ef9ffc3869
452cc67790351f4ff9d0f709fec8888ad4aef24686b547eab246709a050764de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107236
Date: Thu, 01 Dec 2022 23:30:29 GMT
Etag: "63882b3e-1d7"
Expires: Sat, 03 Dec 2022 05:17:45 GMT
Last-Modified: Thu, 01 Dec 2022 04:19:10 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: trXtdzCb2ja88CBkajbr4OxYlJZBxM9172nCeUpmHJb7moOzHApxdw==
Age: 3515
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash fdd0307cc59c5df72c4b144e537a3247
4e33f616cdde03d5dc402e346b8893ef9ffc3869
452cc67790351f4ff9d0f709fec8888ad4aef24686b547eab246709a050764de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107227
Date: Thu, 01 Dec 2022 23:30:29 GMT
Etag: "63882b3e-1d7"
Expires: Sat, 03 Dec 2022 05:17:36 GMT
Last-Modified: Thu, 01 Dec 2022 04:19:10 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eYPFt2-cvgP30oWKbu_psGWlLKaOxPJLytTbieQISey9nN2qxeYMbQ==
Age: 3506
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtkvZFzXp3afxwgHVUwSTc-_vRD0CN_ylP7rxbuebQ8OtaM0P0yUpiy8N5q_Iz7y7xLEWlQhLxcs_ugYLmmemdsF_WB3wYZ
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 01 Dec 2022 22:46:41 GMT
expires: Fri, 02 Dec 2022 02:46:41 GMT
cache-control: public, max-age=14400
age: 2629
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
errors.client.optimizely.com/log
3.223.219.224200 OK 13 B URL HTTP/1.1 errors.client.optimizely.com/log
IP 3.223.219.224:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://id.nugs.net/
Origin: https://id.nugs.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:30 GMT
Content-Length: 13
Connection: keep-alive
errors.client.optimizely.com/log
3.223.219.224204 No Content 0 B URL HTTP/1.1 errors.client.optimizely.com/log
IP 3.223.219.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 330
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Expose-Headers:
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:30 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 160166b6df71f2dec5feee1a59a61972
4b159f7394a5d635115ca4dd2ed100c440f2b4ed
0c1d45f5508eb5789f0bfc223663fb29922c59075fde9905c1da49a08228bdbf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141489
Date: Thu, 01 Dec 2022 23:30:30 GMT
Etag: "6388b0d1-1d7"
Expires: Sat, 03 Dec 2022 14:48:39 GMT
Last-Modified: Thu, 01 Dec 2022 13:49:05 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oEB3BQSbDrJNB2lSDqprRDe10AbcqVYKgFbVzAlZJwiwX0HWPsUrmg==
Age: 3574
addshoppers.s3.amazonaws.com/customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918
52.216.130.243200 OK 143 B URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918
IP 52.216.130.243:0
File type ASCII text, with no line terminators
Hash 85cd2887a926a337fb29caef3e31fb84
001433f0a5cc022420eb291a737d6a94e8f05ebd
bcc8cd25c2655db8fde84c809924dbf3f7effffe1388c8d8b22c0d6f49fafaa3
GET /customize/622107cf73efc3646959c0d0/3497c80c4d544aca87f7130a9e0bf692.js?_t=1668435918 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: jPErsk5yEoHS7XFxZ64VANqX0Ek/SkqmbB14DNXoH9m0+COmHfWAEAhqEhuc4ely3LG2XzfoML0=
x-amz-request-id: RYY3SNXJAWB5CEZN
Date: Thu, 01 Dec 2022 23:30:31 GMT
Last-Modified: Mon, 14 Nov 2022 14:25:19 GMT
ETag: "85cd2887a926a337fb29caef3e31fb84"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: vwnE2YtzrfAv3g6JToz1aNrEydtd8NWD
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 143
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 160166b6df71f2dec5feee1a59a61972
4b159f7394a5d635115ca4dd2ed100c440f2b4ed
0c1d45f5508eb5789f0bfc223663fb29922c59075fde9905c1da49a08228bdbf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141489
Date: Thu, 01 Dec 2022 23:30:30 GMT
Etag: "6388b0d1-1d7"
Expires: Sat, 03 Dec 2022 14:48:39 GMT
Last-Modified: Thu, 01 Dec 2022 13:49:05 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QTgwRqYQgzlnVVO4ffUiibvh2wm3-fo-15mWEKqZ7EuyY4AcbBAHrQ==
Age: 3574
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 1cfcac8a94979ce4a98c8432df1ad268
7732ce3170e7579f21f8feb78e8c252408d11039
fdb800805131f6fcba9861d59a10460b4fc363cb543110305078d7b40ad72a36
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 23:30:30 GMT
Last-Modified: Thu, 01 Dec 2022 21:41:24 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p83DZIEwy6ZCBCGUOizWdGgAZkIz63dtijtvLiB4aPeEE8ydyAX03A==
Age: 6546
addshoppers.s3.amazonaws.com/622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083
52.216.130.243200 OK 4.4 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083
IP 52.216.130.243:0
File type ASCII text, with very long lines (19075), with no line terminators
Hash dd2760d1bfced719575de90229b199ce
017cb321aaf016305c0fde832745e0f9f845509f
ad1a3d432db38866ba89bda46cce917fc0afc3ba1aa7f010b28ff75c68cd3051
GET /622107cf73efc3646959c0d0/6221312ec828c9383e9a2e52/A.js?_t=1650647083 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Du9kVcjKmnujvURfdYaSmtWdcJS6lP0uND712uxkCDuoBn2Yn1EDfevpK1MacZZIewy+V7o29eY=
x-amz-request-id: RYY2JG65N986F14C
Date: Thu, 01 Dec 2022 23:30:31 GMT
Last-Modified: Fri, 22 Apr 2022 17:04:44 GMT
ETag: "dd2760d1bfced719575de90229b199ce"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: Sqti0Noo2kgup6_8ZHVxGpDv22S.SMws
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 4374
action.media6degrees.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
104.18.22.234200 OK 441 B URL HTTP/2 action.media6degrees.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
IP 104.18.22.234:0
Hash acba3436cd61d453594215060602c3ae
3ae9e3556501f195717fbb8e4902da36e1341c17
82b45e0bb3c600f684e71ea49333216103c55d71e12bfc5e41c568c0de1c5991
GET /orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined HTTP/1.1
Host: action.media6degrees.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.nugs.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:29 GMT
content-type: text/html;charset=ISO-8859-1
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
content-language: en-US
set-cookie: JSESSIONID=2BB3F21395FB625BCBF32DD984C08B62; Path=/orbserv/; HttpOnly
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c634cc5fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjIyMTA3Y2Y3M2VmYzM2NDY5NTljMGQwIiwic2Vzc2lvbl9pZCI6IjcxN2JiNmViZWUyZTQ0YjE5MGU2ZjI5MTEzNTk1MTcwIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
35.190.54.17200 OK 609 B URL HTTP/2 shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjIyMTA3Y2Y3M2VmYzM2NDY5NTljMGQwIiwic2Vzc2lvbl9pZCI6IjcxN2JiNmViZWUyZTQ0YjE5MGU2ZjI5MTEzNTk1MTcwIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
IP 35.190.54.17:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6802175f61adc40617e8ba87a30aa6bd
14c099df9dae2f8586dd5f38f7afd9b3d2e277e5
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
GET /pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjIyMTA3Y2Y3M2VmYzM2NDY5NTljMGQwIiwic2Vzc2lvbl9pZCI6IjcxN2JiNmViZWUyZTQ0YjE5MGU2ZjI5MTEzNTk1MTcwIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9 HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv_mAL0PlOIqRhC3KQD35kgNLE6ZTcJuGqaZG8nWZQAlbn54hGYOLfGJlXUqJ4z_5RlF1s9C5iPcZtBLj5YoJMlbo5ZBb6z
x-goog-generation: 1505923927946539
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 609
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 609
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 01 Dec 2022 23:22:36 GMT
expires: Fri, 02 Dec 2022 00:22:36 GMT
cache-control: public, max-age=3600
age: 474
last-modified: Wed, 20 Sep 2017 16:12:07 GMT
etag: "6802175f61adc40617e8ba87a30aa6bd"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
logx.optimizely.com/v1/events
54.204.183.102204 No Content 0 B URL HTTP/1.1 logx.optimizely.com/v1/events
IP 54.204.183.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 920
Origin: https://id.nugs.net
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://id.nugs.net
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 01 Dec 2022 23:30:30 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 1d456e03-840f-447a-9e53-cb55fadfb2ac
Connection: keep-alive
cdn.nytrng.com/pl.2.2.min.js
143.204.55.58200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP 143.204.55.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Sat, 12 Nov 2022 07:11:14 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bsXa99Y-uJ3mfZ_paJGhHRChZOVvCGtNjGheB1LdFdb-NnT6VmrKGw==
age: 1700357
X-Firefox-Spdy: h2
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:0
File type ASCII text, with no line terminators
Hash 81e7a052c55cd9c1af87900fcf78553c
51106442f3c545aa7d3def01d8a7aea86ae15faa
f936163de4114c0889ed50e02c614bbe3b30db0e561f1106ce039c9feb87c6c0
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Cookie: guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash ec5bfaa25659d12bfeecd675987bfafa
f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7
0ee92861f9cdfdcc39a73916baaa2462277559e3045151ceed520efca3d1bc86
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 21:31:06 GMT
ETag: "f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7"
Last-Modified: Thu, 01 Dec 2022 21:31:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f9c760e5eb515-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash ec5bfaa25659d12bfeecd675987bfafa
f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7
0ee92861f9cdfdcc39a73916baaa2462277559e3045151ceed520efca3d1bc86
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:30:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 21:31:06 GMT
ETag: "f260e5b8c8d7ca3b03cbdd36f944105ea2af4de7"
Last-Modified: Thu, 01 Dec 2022 21:31:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f9c761e6bb515-OSL
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=24d88827-71d0-11ed-a2a7-e7186f7ba26f&gdpr=&gdpr_consent=
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=24d88827-71d0-11ed-a2a7-e7186f7ba26f&gdpr=&gdpr_consent=
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=24d88827-71d0-11ed-a2a7-e7186f7ba26f&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:30:32 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value
54.190.217.118200 0 B URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value
IP 54.190.217.118:0
GET /spx?dxver=4.0.0&shaid=32717&tdr=&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 01 Dec 2022 23:30:27 GMT
connection: close
action.dstillery.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
104.18.22.234302 Found 0 B URL HTTP/2 action.dstillery.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
IP 104.18.22.234:0
GET /orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:30:28 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl163612857293082&ns=6520&nc=Nugs.net_SV&ncv=43&dstOrderId=undefined&dstOrderAmount=undefined
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c609b43fac4-OSL
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108
35.85.106.161200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108
IP 35.85.106.161:0
GET /st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue&cb=1669937430366821&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669937431108 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Cookie: guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:31 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWMjYyNzSPN7IwtlCyMjQzs7Q0NjcxNrQwNNZR8guKh8qaWxorWRnoKJUpWRkhi4N1GdQCAKl0lYdGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzI3MTc6MTY2OTkzNzQzMQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue
35.85.106.161200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue
IP 35.85.106.161:0
GET /st?ga_tracking_id=UA-21272837-8&ga_client_id=2127707211.1669937427&shpt=Login%20%7C%20nugs.net&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-21272837-8%22%2C%22ga_client_id%22%3A%222127707211.1669937427%22%2C%22shpt%22%3A%22Login%20%7C%20nugs.net%22%2C%22dcm_cid%22%3A%222127707211.1669937427%22%2C%22dcm_gid%22%3A%221604399674.1669937427%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=2127707211.1669937427&dcm_gid=1604399674.1669937427&dxver=4.0.0&shaid=32717&plh=https%3A%2F%2Fid.nugs.net%2Faccount%2Flogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D3TwoVlLAUFrJX33n3HSCSO%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nugs.net%25252Fon%25252Fdemandware.store%25252FSites-NugsNet-Site%25252Fdefault%25252FLogin-OAuthReentry%2526response_type%253Dcode%2526scope%253Doffline_access%252520nugsnet%25253Aapi%252520nugsnet%25253Alegacyapi%252520openid%252520profile%252520email%2526state%253D2020360286&cb=33157243297560092term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 01 Dec 2022 23:30:30 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=24d88827-71d0-11ed-a2a7-e7186f7ba26f;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
www.nugs.net/stash/
104.16.165.17302 Found 0 B IP 104.16.165.17:0
GET /stash/ HTTP/1.1
Host: www.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:30:26 GMT
content-type: text/html;charset=UTF-8
location: https://www.nugs.net/login/?original=%2Fstash%2F
accept-ranges: bytes
set-cookie: dwac_9133d427c5c7360fa92e3d39f2=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE%3D|dw-only|||USD|false|US%2FPacific|true; Path=/; Secure; SameSite=None
cqcid=abOQDd1qQjOquD0sDnQ1NNPnIn; Path=/; Secure; SameSite=None
cquid=||; Path=/; Secure; SameSite=None
sid=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE; Path=/; Secure; SameSite=None
dwanonymous_e08898a5baf36d7bf8eac33b900a38fb=abOQDd1qQjOquD0sDnQ1NNPnIn; Version=1; Comment="Demandware anonymous cookie for site Sites-NugsNet-Site"; Max-Age=15552000; Expires=Tue, 30-May-2023 23:30:26 GMT; Path=/; Secure; SameSite=None
__cq_dnt=0; Path=/; Secure; SameSite=None
dw_dnt=0; Path=/; Secure; SameSite=None
dwsid=3JiaS5xVcFAKJgEzDCUSew1_SuGe-wtfMsaz0-dRqPywbVZMjrr7VOAjY32SCFEev-Giv7fWhyesjcEgbvZz8w==; path=/; HttpOnly; Secure; SameSite=None
x-dw-request-base-id: L-ffSBI5iWMBAAB_
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c4f1f4f1c06-OSL
X-Firefox-Spdy: h2
www.nugs.net/login/?original=%2Fstash%2F
104.16.165.17302 Found 0 B URL HTTP/2 www.nugs.net/login/?original=%2Fstash%2F
IP 104.16.165.17:0
GET /login/?original=%2Fstash%2F HTTP/1.1
Host: www.nugs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dwac_9133d427c5c7360fa92e3d39f2=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=abOQDd1qQjOquD0sDnQ1NNPnIn; cquid=||; sid=jKNJZPMtJd7U0fy-xo8NlF1Emc7xg17R7DE; dwanonymous_e08898a5baf36d7bf8eac33b900a38fb=abOQDd1qQjOquD0sDnQ1NNPnIn; __cq_dnt=0; dw_dnt=0; dwsid=3JiaS5xVcFAKJgEzDCUSew1_SuGe-wtfMsaz0-dRqPywbVZMjrr7VOAjY32SCFEev-Giv7fWhyesjcEgbvZz8w==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:30:26 GMT
content-type: text/html;charset=UTF-8
location: https://id.nugs.net/connect/authorize?client_id=3TwoVlLAUFrJX33n3HSCSO&redirect_uri=https://www.nugs.net/on/demandware.store/Sites-NugsNet-Site/default/Login-OAuthReentry&response_type=code&scope=offline_access%20nugsnet:api%20nugsnet:legacyapi%20openid%20profile%20email&state=2020360286
accept-ranges: bytes
x-dw-request-base-id: L-fhSBI5iWMBAAB_
set-cookie: __cq_dnt=0; Path=/; Secure; SameSite=None
dw_dnt=0; Path=/; Secure; SameSite=None
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772f9c5248d31c06-OSL
X-Firefox-Spdy: h2
public.profitwell.com/js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b
54.230.111.96200 OK 0 B URL HTTP/2 public.profitwell.com/js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b
IP 54.230.111.96:0
GET /js/profitwell.js?auth=bb3ac3072e04dce65d4c1fb6e54a520b HTTP/1.1
Host: public.profitwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id.nugs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Dec 2022 04:29:46 GMT
cache-control: public,max-age=86400
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: etsSmzsx36jCO-w0C9e_lVRBZ-KXsw688FyWt1KZxEVb5Uqofczq_Q==
age: 68443
X-Firefox-Spdy: h2