firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 09:39:28 GMT
Expires: Tue, 18 Oct 2022 10:15:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t_SBNlPbzA9NuOqzb8r8n6DPsrSdgUpcFgNPGs69kbrDMjm93SqIgA==
Age: 3119
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 66155b620c27c14aced991b34be0d1a0
2d489f39edc932199e2d8e03b40c1a5c95b993d2
1a500079242f4472c1e8dafd352c6c6078a7228a1993208d2fe1e27dd00644ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A500079242F4472C1E8DAFD352C6C6078A7228A1993208D2FE1E27DD00644EA"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11927
Expires: Tue, 18 Oct 2022 13:50:14 GMT
Date: Tue, 18 Oct 2022 10:31:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8011
Expires: Tue, 18 Oct 2022 12:44:58 GMT
Date: Tue, 18 Oct 2022 10:31:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nDsskBC/eIW9DKnJZ40L5pPdmzzXwW0pN6vyAel/O+wMG6GDx6tigctG6SDOaBhwXNn/0jCbl7A=
x-amz-request-id: 3GMB5MNZ9XKJ26VR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 10:03:47 GMT
age: 1660
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 10:31:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 18 Oct 2022 09:43:40 GMT
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 09:44:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5vwyXKR2QWRfM9S0aqvkfa8dC7S-paU8ZTjDPRtDwuY0V2E-W-aAMw==
Age: 2868
ocsp.digicert.com/
200 OK 471 B IP
Hash c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6376
Cache-Control: max-age=170492
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 09:53:00 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
200 OK 40 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (2389), with CRLF line terminators
Hash 9da66fad9c063ef5a2cfbfa737e8b825
7ac05be31ebd9d7ef782084c174c526877060594
28d657e10b8fb46dbcc7b55bc6939f5e2253f11b1ed086b881fff7af67927868
GET /~dateba5/nf/run/si.html?cmd=_account-details&session= HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 02:01:05 GMT
accept-ranges: bytes
content-length: 39960
content-type: text/html
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
200 OK 13 kB URL HTTP/2 assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
IP
File type ASCII text, with very long lines (32129)
Hash 2fc8049cc90a6556bcec23706b95f358
1782de0b2ee1776bfcb026e404e5b8ca13291d4a
b759e45eb230cd778563b0af46a4b26fba4df77e50fdc2808f825e852cba0021
GET /extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "42fa244f36955eedb3cd8ade6f492bf6:1583879362.816163"
last-modified: Tue, 10 Mar 2020 22:29:22 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 13342
expires: Tue, 18 Oct 2022 11:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
cache-control: no-cache
access-control-allow-origin: https://secure58.webhostinghub.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/launch-EN9003f540e66e4e1ab08743d206a869f4.min.js
200 OK 123 kB URL HTTP/2 assets.adobedtm.com/launch-EN9003f540e66e4e1ab08743d206a869f4.min.js
IP
File type ASCII text, with very long lines (32766)
Size 123 kB (122856 bytes)
Hash 2997cb78660872d1497fe0850d5d9976
6ae12975ea345152bab3b83f6fd293238f806d86
a7b956f4063686eaede3d595165fb5b9029b0f6b9972b6b1441237c4a73266b0
GET /launch-EN9003f540e66e4e1ab08743d206a869f4.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "5e7fec9eba71697c4ed6dd9952a0259e:1665519509.082902"
last-modified: Tue, 11 Oct 2022 20:18:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 18 Oct 2022 11:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
content-length: 122856
access-control-allow-origin: https://secure58.webhostinghub.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/eeb22595e0ba/5c925ea43925/738bcf9d83e3/RCa7abbf617c704185bdaf0ce350f214af-source.min.js
200 OK 482 B URL HTTP/2 assets.adobedtm.com/eeb22595e0ba/5c925ea43925/738bcf9d83e3/RCa7abbf617c704185bdaf0ce350f214af-source.min.js
IP
File type ASCII text, with very long lines (658)
Hash 6ec29ba7dac81e277c43e1d028221867
781060a8ad4c5fb93fe522900c8df173a28aca98
25177e0097c6c695d4b5d06861feb605037970b73c9605999a4b11eb36c63513
GET /eeb22595e0ba/5c925ea43925/738bcf9d83e3/RCa7abbf617c704185bdaf0ce350f214af-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ccc6e175dd6fa516dfe5108129fd9744:1608065961.715476"
last-modified: Tue, 15 Dec 2020 20:59:21 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 18 Oct 2022 11:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
content-length: 482
access-control-allow-origin: https://secure58.webhostinghub.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/eeb22595e0ba/5c925ea43925/738bcf9d83e3/RC7929137f6b6041d3ac77021e6a43dee3-source.min.js
200 OK 461 B URL HTTP/2 assets.adobedtm.com/eeb22595e0ba/5c925ea43925/738bcf9d83e3/RC7929137f6b6041d3ac77021e6a43dee3-source.min.js
IP
File type ASCII text, with very long lines (678)
Hash 3fdb8bb1be689e05650e1a217a02b619
d033276c424be4d9fcc0c30b037e327d188a5155
8956198293688b7464efed2b6bdaafb7a527d292f50bc88171014cdc570ce8ac
GET /eeb22595e0ba/5c925ea43925/738bcf9d83e3/RC7929137f6b6041d3ac77021e6a43dee3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ccc6e175dd6fa516dfe5108129fd9744:1608065961.715476"
last-modified: Tue, 15 Dec 2020 20:59:21 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 18 Oct 2022 11:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
content-length: 461
access-control-allow-origin: https://secure58.webhostinghub.com
timing-allow-origin: *
X-Firefox-Spdy: h2
secure58.webhostinghub.com/iojs/latest/dyn_wdp.js
404 Not Found 236 B URL HTTP/2 secure58.webhostinghub.com/iojs/latest/dyn_wdp.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 3dea6e4a74ae5c8a6b8dd3bae0de6081
0b2672db2629a86272ca21084220113c548195db
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
GET /iojs/latest/dyn_wdp.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6016dea5f80664eb009e16dd4989630a
b0aa29f72bd449aa2f33c7f9f531067fa741a6da
5dd595913b3fa11b3a64d2636abd887fa2d7dd85e16a2095d83431adf23408d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 49ktutOZ+KPXiTEzksxXaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LhgfwyUjPHiLU0zgHZ0MKvXHfEg=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 00793600302d280c0f99bf96cfb0f009
98cea63c09c9c100bfdfc64ce73946d0a916aafb
31634dcf178009925d65ad67462bfa02c239b5b5f2c9a79aecc3b9a011015957
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 42812d3f44ded0aff3f3bd6af584b333
f98e2681013fa424d076ce5fd4cf27c8f40c2ba8
9126685a5cdda4639796632366d3a2935317cf7a51d724d5bb56e315f5142262
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 00793600302d280c0f99bf96cfb0f009
98cea63c09c9c100bfdfc64ce73946d0a916aafb
31634dcf178009925d65ad67462bfa02c239b5b5f2c9a79aecc3b9a011015957
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 9035b03ce25dab7efa6bd5bb9147d69e
27807f1e40346da2edde4a006548dfb9b9fc7fcc
020c2f668d0c7bffca1b719733c4efd25a5def51039cd67eb8df8d91fa07dca7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5003
Cache-Control: max-age=99983
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634d5084-1d7"
Expires: Wed, 19 Oct 2022 14:17:51 GMT
Last-Modified: Mon, 17 Oct 2022 12:54:28 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 9035b03ce25dab7efa6bd5bb9147d69e
27807f1e40346da2edde4a006548dfb9b9fc7fcc
020c2f668d0c7bffca1b719733c4efd25a5def51039cd67eb8df8d91fa07dca7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=101465
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634d5084-1d7"
Expires: Wed, 19 Oct 2022 14:42:33 GMT
Last-Modified: Mon, 17 Oct 2022 12:54:28 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.google.com/recaptcha/api.js
200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash e97ac326fe7d86d6443c29db10dd14e7
6001bc7cf0bc44bb9fb4b3cb5e99928d988e5221
ceb685ffc1ceb8e12d13345098796805f46a8f97fb744a00739f57c8961a59b6
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 18 Oct 2022 10:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-5053096
200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-5053096
IP
File type ASCII text, with very long lines (1850)
Hash fc310e07bb7a3f9f0d896fdd3fd6c9cd
6629f35557038872469ee9c18a2387fe3f1be4d6
a326aad8ccfd62d3e7ca5e8d08af32d30b329051839727a142b03908ae3b2fec
GET /gtag/js?id=DC-5053096 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Oct 2022 10:31:28 GMT
expires: Tue, 18 Oct 2022 10:31:28 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9749892
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9749892
IP
File type ASCII text, with very long lines (1934)
Hash d5c8ee246c3aec5f5620a0ad469b33f0
913330df25848fd40f3550a0c65ac7b2e8f5e2ea
54eead0413e24616a78e87a29d3e06b25db191c0be47efa06a0b63e1838586ee
GET /gtag/js?id=DC-9749892 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Oct 2022 10:31:28 GMT
expires: Tue, 18 Oct 2022 10:31:28 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mpsnare.iesnare.com/script/logo.js
200 OK 108 B URL HTTP/1.1 mpsnare.iesnare.com/script/logo.js
IP
File type ASCII text, with no line terminators
Hash 474d1bf73b144fd08bbafb50e109dbe1
f92229226c9a22d17c964cbdfc829498cb3b3af4
15685450621e1b0f5560387e042ed9c3309cbf26bd057b77122a24d02ac6c659
GET /script/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Oct 2022 10:31:28 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Wed, 18 Oct 2023 10:31:28 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/snare.js
200 OK 13 kB URL HTTP/1.1 mpsnare.iesnare.com/snare.js
IP
File type ASCII text, with very long lines (38512), with no line terminators
Hash 86700acb6617275e4c6770da9453530c
f68e6a518c3f27133c2fee84cbb201a8b0be49fb
374866d84dde3504bc41939a9a30557d13f092d6ebc7b54ac28917cb355ac154
GET /snare.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Oct 2022 10:31:28 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=oLPMKjlGjxenw/6rS93bh1YtUNNA0eQtjFBr+nPKAL8=;Path=/;Expires=Wed, 18-Oct-2023 10:31:28 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 95d5b3a47ff0a53488f4ef504d625ccb
931a56ab6c2fb3a04bec59b11e05defed9825505
28ed4da4680abdab4ad93cc8a5a72ce0417e6aa3eb47b2ac56a5818a670c9a16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=141697
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634df10c-1d7"
Expires: Thu, 20 Oct 2022 01:53:05 GMT
Last-Modified: Tue, 18 Oct 2022 00:19:24 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6016dea5f80664eb009e16dd4989630a
b0aa29f72bd449aa2f33c7f9f531067fa741a6da
5dd595913b3fa11b3a64d2636abd887fa2d7dd85e16a2095d83431adf23408d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 95d5b3a47ff0a53488f4ef504d625ccb
931a56ab6c2fb3a04bec59b11e05defed9825505
28ed4da4680abdab4ad93cc8a5a72ce0417e6aa3eb47b2ac56a5818a670c9a16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2232
Cache-Control: max-age=138308
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634df10c-1d7"
Expires: Thu, 20 Oct 2022 00:56:36 GMT
Last-Modified: Tue, 18 Oct 2022 00:19:24 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
secure58.webhostinghub.com/~dateba5/nf/run/assets/js/eidjs/static_wdp.js
302 Found 201 B URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/assets/js/eidjs/static_wdp.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29ef6392f90f7b121716b5da08e56c51
37be3050227cecf1428e146d9db71b4e3efd22d0
e1a161e4dffb20aa3981e181760a99dd601f772c72ec9236b2bbde613e94d463
GET /~dateba5/nf/run/assets/js/eidjs/static_wdp.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
location: http://google.com
content-length: 201
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP
File type ASCII text, with very long lines (3138)
Hash dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Tue, 18 Oct 2022 11:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
cache-control: no-cache
access-control-allow-origin: https://secure58.webhostinghub.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 95d5b3a47ff0a53488f4ef504d625ccb
931a56ab6c2fb3a04bec59b11e05defed9825505
28ed4da4680abdab4ad93cc8a5a72ce0417e6aa3eb47b2ac56a5818a670c9a16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=141697
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634df10c-1d7"
Expires: Thu, 20 Oct 2022 01:53:05 GMT
Last-Modified: Tue, 18 Oct 2022 00:19:24 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
secure58.webhostinghub.com/libraries/840a3e1ffno17969510790ec37fbbc3
404 Not Found 236 B URL HTTP/2 secure58.webhostinghub.com/libraries/840a3e1ffno17969510790ec37fbbc3
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 3dea6e4a74ae5c8a6b8dd3bae0de6081
0b2672db2629a86272ca21084220113c548195db
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
GET /libraries/840a3e1ffno17969510790ec37fbbc3 HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/TDOX2/jquery.ccvalid.js
200 OK 7.4 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/TDOX2/jquery.ccvalid.js
IP
Hash 2f24b339e94eb18fdfd5cd5a60e82546
2abf52df7041eac55e0f59bf867053d4cb29891a
ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b
Analyzer Verdict Alert urlquery Phishing - DHL
GET /~dateba5/nf/run/TDOX2/jquery.ccvalid.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 May 2018 22:05:52 GMT
accept-ranges: bytes
content-length: 7442
content-type: application/javascript
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/TDOX2/jquery.mask.min.js
200 OK 8.2 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/TDOX2/jquery.mask.min.js
IP
File type ASCII text, with very long lines (537)
Hash acb54232967a36f1df1d0c0623a89d65
6bc0ce0a4a1dd27ddb307b80a1247af996eb23bf
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
GET /~dateba5/nf/run/TDOX2/jquery.mask.min.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Jul 2018 20:59:48 GMT
accept-ranges: bytes
content-length: 8185
content-type: application/javascript
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/jquery.bpopup.min.js
200 OK 5.2 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/jquery.bpopup.min.js
IP
File type ASCII text, with very long lines (4893), with CRLF line terminators
Hash 204ec5bd1f07bb6eb37b0da75badfc16
e5af64ff3228b99766a27b02c71318a1280fbd00
ba7482c60670d6dd0524299ac1e89150a1fa3e4e09b19b6eaafaf1ce14779a4e
GET /~dateba5/nf/run/jquery.bpopup.min.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 12 Jun 2020 00:18:22 GMT
accept-ranges: bytes
content-length: 5236
content-type: application/javascript
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dacaeafb819026a188905266558de0dc
5761fb8515e08e4cc3e16a0036a1337d599a6dd8
3f016a36f39a7ca47ed44040ea6e145863cba28057cd50d972afdbd2b42053c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 00793600302d280c0f99bf96cfb0f009
98cea63c09c9c100bfdfc64ce73946d0a916aafb
31634dcf178009925d65ad67462bfa02c239b5b5f2c9a79aecc3b9a011015957
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
304 Not Modified 0 B URL HTTP/2 assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 10 Mar 2020 22:29:22 GMT
If-None-Match: "42fa244f36955eedb3cd8ade6f492bf6:1583879362.816163"
TE: trailers
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Tue, 10 Mar 2020 22:29:22 GMT
etag: "42fa244f36955eedb3cd8ade6f492bf6:1583879362.816163"
expires: Tue, 18 Oct 2022 11:31:29 GMT
date: Tue, 18 Oct 2022 10:31:29 GMT
cache-control: no-cache
access-control-allow-origin: https://secure58.webhostinghub.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 1c07ef0493b1281832701416bfc882f5
bc6aec5bb360722b22aa7d984ad7558057f717ba
52fea8c6eb22a65550c363221ea928fb96291cac35b3771668c4381aab104bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5794
Cache-Control: max-age=159122
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Etag: "634e3471-1d7"
Expires: Thu, 20 Oct 2022 06:43:31 GMT
Last-Modified: Tue, 18 Oct 2022 05:06:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash 03b0b45a93caa1e340ae313a175172a7
3d33d23b021e1823a76330ecbe860a04f1523270
27b01f5cb98858136277091123fd2802462d98da56acc37f82927ba0b86f554e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120552
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:28 GMT
Etag: "634db468-117"
Expires: Wed, 19 Oct 2022 20:00:40 GMT
Last-Modified: Mon, 17 Oct 2022 20:00:40 GMT
Server: nginx
Content-Length: 279
secure58.webhostinghub.com/~dateba5/nf/run/TDOX2/jquery-3.3.1.min.js
200 OK 87 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/TDOX2/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /~dateba5/nf/run/TDOX2/jquery-3.3.1.min.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jun 2018 00:08:30 GMT
accept-ranges: bytes
content-length: 86927
content-type: application/javascript
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/TDOX3/jquery.bpopup.min.js
302 Found 201 B URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/TDOX3/jquery.bpopup.min.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29ef6392f90f7b121716b5da08e56c51
37be3050227cecf1428e146d9db71b4e3efd22d0
e1a161e4dffb20aa3981e181760a99dd601f772c72ec9236b2bbde613e94d463
GET /~dateba5/nf/run/TDOX3/jquery.bpopup.min.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
location: http://google.com
content-length: 201
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:28 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/iojs/latest/dyn_wdp.js
404 Not Found 236 B URL HTTP/2 secure58.webhostinghub.com/iojs/latest/dyn_wdp.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 3dea6e4a74ae5c8a6b8dd3bae0de6081
0b2672db2629a86272ca21084220113c548195db
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
GET /iojs/latest/dyn_wdp.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CvVersion%7C5.4.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:29 GMT
server: Apache
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure58.webhostinghub.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0f1bb4e60.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=34401821440706020492733353512234398024; Max-Age=15552000; Expires=Sun, 16 Apr 2023 10:31:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: u5JRZviJThI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701
200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&ts=1666089095701 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure58.webhostinghub.com
Content-Type: application/x-www-form-urlencoded
Referer: https://secure58.webhostinghub.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure58.webhostinghub.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-07a02cb5f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: F/Nz45z4SmY=
Content-Length: 124
Connection: keep-alive
membership.navyfederal.org/main-3f5bb14d310ca730c164.css
200 OK 25 kB URL HTTP/1.1 membership.navyfederal.org/main-3f5bb14d310ca730c164.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash ed154955b28c0d7220527725a03783e9
41f0b2ec53fdb77e54b10284d9f99d503a31e553
be918c8214ff8041ed85f16f27e01e0824b25f9516b1c9463d31037d5eac93d0
GET /main-3f5bb14d310ca730c164.css HTTP/1.1
Host: membership.navyfederal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Backside-Transport: OK OK
Last-Modified: Fri, 06 Nov 2020 22:07:28 GMT
ETag: "36776-26f60-5b377702c8800"
Content-Type: text/css
X-Global-Transaction-ID: 8feab9f76349c1b59c1d6b3f
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 24587
Vary: Accept-Encoding
Date: Tue, 18 Oct 2022 10:31:29 GMT
Connection: keep-alive
Set-Cookie: membershipdc=d; path=/; domain=navyfederal.org; secure
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e2c464d4e4ea5f15a3e49ad57549c260
7bfc1c84c1c6d1f8069fa9e4ec5233eb3ee46d13
022cbc47b3c78a12f143082fb0ee78099a528b71a873603ae3de64d06098302b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0a004979cadda4b9ce6680c42d84d0f4
b909686859227f2ede40ed0294e5c791ce66594f
5e52136b12d73cc476644b31bc25d78524e9365e36da8485a7bdded3f99cf57e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 18 Oct 2022 10:31:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 18 Oct 2022 04:43:56 GMT
Expires: Wed, 19 Oct 2022 04:43:56 GMT
ETag: "b909686859227f2ede40ed0294e5c791ce66594f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:26:57 GMT
expires: Thu, 12 Oct 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 486272
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.myvisualiq.net/activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue]
302 Moved Temporarily 0 B URL HTTP/1.1 t.myvisualiq.net/activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue]
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue] HTTP/1.1
Host: t.myvisualiq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 18 Oct 2022 10:31:29 GMT
Location: https://t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue]
Set-Cookie: tuuid=4bb0d7dc-427d-4c27-b88a-122db42be889; path=/; expires=Thu, 17-Oct-2024 10:31:29 GMT; domain=.myvisualiq.net
c=1666089089; path=/; expires=Thu, 17-Oct-2024 10:31:29 GMT; domain=.myvisualiq.net
tuuid_lu=1666089089; path=/; expires=Thu, 17-Oct-2024 10:31:29 GMT; domain=.myvisualiq.net
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e2c464d4e4ea5f15a3e49ad57549c260
7bfc1c84c1c6d1f8069fa9e4ec5233eb3ee46d13
022cbc47b3c78a12f143082fb0ee78099a528b71a873603ae3de64d06098302b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue]
200 OK 43 B URL HTTP/1.1 t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue]
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/activity_pixel?pt=i&et=a&r=[cachebuster]&ago=212&ao=832&px=923&ord=[order_id]&revenue=[revenue] HTTP/1.1
Host: t.myvisualiq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure58.webhostinghub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
cross-origin-resource-policy: cross-origin
Date: Tue, 18 Oct 2022 10:31:29 GMT
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 5a95a1f4aac5a88d05d8bb444c4fab7c
fcaf7ec935c74fd3566c7669554e5c77f5d9cf6e
f4d4d391867a1b113b42e8647f3a4a96936b6c6484533ecf6a8fb82509886b8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145771
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Etag: "634e16ec-1d7"
Expires: Thu, 20 Oct 2022 03:01:00 GMT
Last-Modified: Tue, 18 Oct 2022 03:01:00 GMT
Server: nginx
Content-Length: 471
analytics.navyfederal.org/id?d_visid_ver=5.4.0&d_fieldgroup=MC&mcorgid=9BD537045330573C0A490D44%40AdobeOrg&ts=1666089096042
200 OK 89 B URL HTTP/2 analytics.navyfederal.org/id?d_visid_ver=5.4.0&d_fieldgroup=MC&mcorgid=9BD537045330573C0A490D44%40AdobeOrg&ts=1666089096042
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 8301f5116db74d894e15fb71702451ce
6bed88224c3fcd225ae2830f3dbd61885ca960b2
4948e8a32d0abdfbd2e278a645e1f628fca03e4dbfa34b1a2b4947ec8902894d
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&mcorgid=9BD537045330573C0A490D44%40AdobeOrg&ts=1666089096042 HTTP/1.1
Host: analytics.navyfederal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://secure58.webhostinghub.com
access-control-allow-credentials: true
date: Tue, 18 Oct 2022 10:31:29 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31A740409708C92C-6000152356133EC0[CE]; Path=/; Domain=navyfederal.org; Max-Age=63072000; Expires=Thu, 17 Oct 2024 10:31:31 GMT;
AMCV_9BD537045330573C0A490D44%40AdobeOrg=0%7CMCMID%7C77997929983667913361567854683576516975; Path=/; Domain=navyfederal.org; Max-Age=63072000; Expires=Thu, 17 Oct 2024 10:31:31 GMT;
s_ecid=MCMID%7C77997929983667913361567854683576516975; Path=/; Domain=navyfederal.org; Max-Age=63072000; Expires=Thu, 17 Oct 2024 10:31:31 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&d_mid=77997929983667913361567854683576516975&d_cid_ic=AVID%0131A740409708C92C-6000152356133EC0&ts=1666089096444
200 OK 302 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&d_mid=77997929983667913361567854683576516975&d_cid_ic=AVID%0131A740409708C92C-6000152356133EC0&ts=1666089096444
IP
File type JSON data\012- , ASCII text, with very long lines (358), with no line terminators
Hash c6f8b090dbcd306ee60f246fc5876188
61d882d99a8d91787bedea1a90051fd920fc5a58
50929f86d3c0fca4e4ab3a38f1c5b6bbf54001482a33d7b080bd51f257025b1e
GET /id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9BD537045330573C0A490D44%40AdobeOrg&d_nsid=0&d_mid=77997929983667913361567854683576516975&d_cid_ic=AVID%0131A740409708C92C-6000152356133EC0&ts=1666089096444 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure58.webhostinghub.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-06d0a7e3e.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=71969144166578036381881623286836571825; Max-Age=15552000; Expires=Sun, 16 Apr 2023 10:31:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 7O4l0l3MRqw=
Content-Length: 302
Connection: keep-alive
membership.navyfederal.org/iojs/4.1.6/logo.js
200 OK 257 B URL HTTP/1.1 membership.navyfederal.org/iojs/4.1.6/logo.js
IP
Hash d35c8c6f31a1866f664fe8c60fbfd254
2305cd8ac0bb5059e9da99c6a7ddc00df1992eeb
441f23fe738e3ee39e34ea2608bb6e9dba6026a4fcd1de71a41aa533d4550ed3
GET /iojs/4.1.6/logo.js HTTP/1.1
Host: membership.navyfederal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Backside-Transport: OK OK
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Content-Type: text/javascript
Expires: Wed, 18 Oct 2023 10:31:29 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
X-Global-Transaction-ID: 43960406634e8081a6b478ff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 257
Vary: Accept-Encoding
Date: Tue, 18 Oct 2022 10:31:29 GMT
Connection: keep-alive
Set-Cookie: membershipdc=d; path=/; domain=navyfederal.org; secure
nfcu.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 nfcu.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: nfcu.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 18 Oct 2022 10:31:29 GMT
DCS: dcs-prod-irl1-2-v044-065047866.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 17 Oct 2022 12:31:01 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: Yo3R+uwiSGQ=
Content-Length: 2791
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 03b0b45a93caa1e340ae313a175172a7
3d33d23b021e1823a76330ecbe860a04f1523270
27b01f5cb98858136277091123fd2802462d98da56acc37f82927ba0b86f554e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120551
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:29 GMT
Etag: "634db468-117"
Expires: Wed, 19 Oct 2022 20:00:40 GMT
Last-Modified: Mon, 17 Oct 2022 20:00:40 GMT
Server: nginx
Content-Length: 279
secure58.webhostinghub.com/~dateba5/nf/run/TDOX3/jquery.bpopup.min.js
302 Found 201 B URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/TDOX3/jquery.bpopup.min.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29ef6392f90f7b121716b5da08e56c51
37be3050227cecf1428e146d9db71b4e3efd22d0
e1a161e4dffb20aa3981e181760a99dd601f772c72ec9236b2bbde613e94d463
GET /~dateba5/nf/run/TDOX3/jquery.bpopup.min.js HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
location: http://google.com
content-length: 201
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:29 GMT
server: Apache
X-Firefox-Spdy: h2
membership.navyfederal.org/assets/img/checkmark.svg
200 OK 246 B URL HTTP/1.1 membership.navyfederal.org/assets/img/checkmark.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators
Hash 56ff00f62fac7823a060decebed9b746
9311aba30cd15505752ddaf7d6ece94974626abd
f364e4c91620c4a79a9a293fc8f092831e69194d851580af3aa432dd7942f0d4
GET /assets/img/checkmark.svg HTTP/1.1
Host: membership.navyfederal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Backside-Transport: OK OK
Last-Modified: Fri, 10 Jun 2022 15:30:50 GMT
ETag: "9af2-120-5e1199f80be80"
Content-Type: image/svg+xml
X-Global-Transaction-ID: 8f404235634e8081b9698dff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 246
Vary: Accept-Encoding
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
Set-Cookie: membershipdc=d; path=/; domain=navyfederal.org; secure
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Tue, 18 Oct 2022 12:31:06 GMT
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Tue, 18 Oct 2022 12:31:06 GMT
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Tue, 18 Oct 2022 12:31:06 GMT
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Tue, 18 Oct 2022 12:31:06 GMT
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Tue, 18 Oct 2022 12:31:06 GMT
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac24bbc-2384-4b1a-8975-8f234993cf13.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac24bbc-2384-4b1a-8975-8f234993cf13.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5bfe4eacfc7a7da22f09c2c7ecaa3e0f
5a87e495d4151b29800fa8197b99f9ac6bc92aa9
4bd85ff0261fe02a121ba3016e449484dc9ff1db6ee40a04de1db2b3fef3a89a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac24bbc-2384-4b1a-8975-8f234993cf13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7048
x-amzn-requestid: dcc46893-fde1-4219-95ac-acb6f6e9699f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyrsE8PoAMFmtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb17-33d062d95a23d6f07608cd17;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LF0zK5uvWjLtqQG1OtHzjjklsZxp3QeV1hKaSo3_TapeabPsLS03JA==
via: 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:30:57 GMT
age: 43233
etag: "5a87e495d4151b29800fa8197b99f9ac6bc92aa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cc7a23f-7b98-4f79-909c-066ae8e2acbe.webp
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cc7a23f-7b98-4f79-909c-066ae8e2acbe.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4937d44167397eed4688dd9af7b36a4e
974cddb2aaa171c0bc9a4ee1cc65478c27b4f222
3a2767d5c083b6e10b0891efc952064f252ff8f098a42a430caf81bcec87f121
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cc7a23f-7b98-4f79-909c-066ae8e2acbe.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9360
x-amzn-requestid: 2ec20378-fdf7-4932-9ea9-6b9ce12294ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKzQaFdNoAMFeYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcc02-7b7027d43874f7e67eac3f4f;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:41:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: H7o7cX-vIcSQAKGsKRCiooF-7bhnhbE0L2dTZKhvRnlYFATbQTOMUw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:28 GMT
age: 45362
etag: "974cddb2aaa171c0bc9a4ee1cc65478c27b4f222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e7fd6e50e59e93dd5329060ecbe7fef
1d89b8268579f42b0265df7b14f77930033b23fe
7c03b8ca2822417615d12bc133b199bb64ccdba10aa0656d1dc6843c6471b39d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: ad5ca7f1-a21c-44d3-b419-dfa7cf868e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKzQZHPFIAMFuig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcc02-38b229432e2fbaa8779daa52;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:41:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dUm6WGDUVTB3WOdPSILAuSAQFCxj5sNwu2pmzi_ax7mhbrj-_tdWQg==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:26 GMT
etag: "1d89b8268579f42b0265df7b14f77930033b23fe"
content-type: image/jpeg
age: 45364
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54edb9ab897821172fc13756df376ee7
2010f9656d87e6f5220f131628c537720c3673e1
6694c1be0adf97fa77d1bfa29337d9e609b729a58d42e141e9bb55ed6367b1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13261
x-amzn-requestid: dd760e09-701e-4956-9723-386edc97c694
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6FzIoAMFzJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-197cf4f048e146af5654d0bd;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-Blz23OttwJC3PacLqAd2IBfJkfEMXm4D1rhNveLqCtHyFDD9OwZw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 06:35:41 GMT
age: 14149
etag: "2010f9656d87e6f5220f131628c537720c3673e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30070f54-147f-4ac1-a6d9-47926b5df499.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30070f54-147f-4ac1-a6d9-47926b5df499.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 660a83587364009357a8b0a274198009
8772b451136ba48926909198dc9b826248dbb22d
8ebf1ba41e8c898f1927ea34002bccb5a79857c0c66b754a27b9397d2813f9ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30070f54-147f-4ac1-a6d9-47926b5df499.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13163
x-amzn-requestid: 36cec0f5-36e2-4a8e-865e-aafb9a7e0c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKypIF6goAMFhSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb07-6c28060e7d3d80aa65172a65;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jhFBCpj4wmEQnjWoeDXHzIDtRkdIYESGCcYSDIQkeKEhwZ-Z1ONxVg==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:44:22 GMT
age: 46028
etag: "8772b451136ba48926909198dc9b826248dbb22d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:26:57 GMT
expires: Thu, 12 Oct 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 486273
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:26:57 GMT
expires: Thu, 12 Oct 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 486273
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-codes.com/modernizr/2.9.1/modernizr.min.js
200 OK 9.1 kB URL HTTP/2 js-codes.com/modernizr/2.9.1/modernizr.min.js
IP
File type HTML document, ASCII text, with very long lines (3807), with no line terminators
Hash 1c622cbb36205c93bb64f466212863d7
24123390d61df08a5d44de6342e4e18985f769bb
271c6211217e50eecee183c61927dd6d4741afae437eca46d4014079e936d9b6
GET /modernizr/2.9.1/modernizr.min.js HTTP/1.1
Host: js-codes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 10:31:29 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express, Phusion Passenger(R) 6.0.10
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 07:04:24 GMT
etag: W/"edf-15f0a3fa4c0"
status: 200 OK
expires: Wed, 18 Oct 2023 10:31:29 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytF4VbRgyhCJ8ywup1fe7qVv85tM1lMV0dfzGZYPGMdIe3ZbbIDgzhMcHRn%2FNXt%2BGq4sVhJo6ZDpqWavqHB71HVC9w9RIdljywYPo2ceE%2Bx7qUPMiWB4HrQAIfVmcfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c09ac71ca3b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/baloopaaji2/v20/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2
200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/baloopaaji2/v20/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32056, version 1.0\012- data
Hash fe9f9764cadbb00f8bcdae7be1c89116
b1b127f397d984c8b817d491bf6c279459ab6f60
80ab6f1b9fc7bd8c05656d179cbb35c8d9a4dc0c5a4121e3ed6b527b7b63eb6b
GET /s/baloopaaji2/v20/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 19:43:15 GMT
expires: Fri, 13 Oct 2023 19:43:15 GMT
cache-control: public, max-age=31536000
age: 398895
last-modified: Fri, 24 Jun 2022 18:45:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
membership.navyfederal.org/assets/img/nfculogo.png
200 OK 18 kB URL HTTP/1.1 membership.navyfederal.org/assets/img/nfculogo.png
IP
File type PNG image data, 600 x 223, 8-bit gray+alpha, non-interlaced\012- data
Hash 0260a8f7dcca213c54a8a512763f8fc4
8a3aff81166d9548fd2eba6baff9444ed1fc0903
dfbfbe550f689ef4b5e05640b68feb2a16b1542696f844147d97ccb29f3e354e
GET /assets/img/nfculogo.png HTTP/1.1
Host: membership.navyfederal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://membership.navyfederal.org/main-3f5bb14d310ca730c164.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Backside-Transport: OK OK
Last-Modified: Fri, 10 Jun 2022 15:30:50 GMT
ETag: "365b0-4848-5e1199f80be80"
Content-Type: image/png
X-Global-Transaction-ID: 43960406634db4649dd89bbf
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 17829
Vary: Accept-Encoding
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
api.ipify.org/?format=jsonp&callback=updateIp
200 OK 32 B URL HTTP/1.1 api.ipify.org/?format=jsonp&callback=updateIp
IP
File type ASCII text, with no line terminators
Hash 149b08cb89e30d719155d91225e5b029
8b2f499cabdeadce5c99be85920830553d037fb9
9617db925f7e3d0fc2ed7950ae797d396adea7415f03462474cea5632b92e152
GET /?format=jsonp&callback=updateIp HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: application/javascript
Vary: Origin
Date: Tue, 18 Oct 2022 10:31:30 GMT
Content-Length: 32
Via: 1.1 vegur
secure58.webhostinghub.com/~dateba5/nf/run/msg_files/15.jpg
200 OK 13 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/msg_files/15.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=46, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=63], baseline, precision 8, 63x46, components 3\012- data
Hash 3c6ae566b647c6af3a54d7ce41120b65
c4abf4191d42b8a7999c9062a92ae22c2c979192
3a1fad2084b07e4c5242b7d4dd96356d8ce76f9a4435a4bf3a32a774f6f0d51e
GET /~dateba5/nf/run/msg_files/15.jpg HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Apr 2020 16:27:04 GMT
accept-ranges: bytes
content-length: 12600
content-type: image/jpeg
date: Tue, 18 Oct 2022 10:31:30 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/msg_files/4.jpg
200 OK 12 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/msg_files/4.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:10:02 20:29:59], baseline, precision 8, 63x46, components 3\012- data
Hash fd2fdb932912d67cb70848092808c86e
e228629752df49f806be2fbe2eb458f3d460c23b
e93719f206f74c336bba79a4e79ede976528126631522703d4439b6ed30ee05c
GET /~dateba5/nf/run/msg_files/4.jpg HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Oct 2018 15:30:00 GMT
accept-ranges: bytes
content-length: 12282
content-type: image/jpeg
date: Tue, 18 Oct 2022 10:31:30 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/msg_files/11.jpg
200 OK 12 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/msg_files/11.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:10:03 15:35:05], baseline, precision 8, 63x46, components 3\012- data
Hash cbbd5b909498f787a942b501c48a99a9
532a6c559468277f18a6806813f4f82e34cc9732
37054de5183e8f86b077e0df06d0b96312a4dbece84f49518bed694098cb3bb6
GET /~dateba5/nf/run/msg_files/11.jpg HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Oct 2018 10:35:06 GMT
accept-ranges: bytes
content-length: 12285
content-type: image/jpeg
date: Tue, 18 Oct 2022 10:31:30 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/msg_files/6.jpg
200 OK 12 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/msg_files/6.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:10:02 20:47:05], baseline, precision 8, 63x46, components 3\012- data
Hash cba3b163ee56a26e23aae3d4bf14a899
8802934cacdba1b6cad57797f7ffd07149ee4a27
3307afe0efcf53aa9322f609b1edcbaaf6228cdc07775664db09a47a93eed79f
GET /~dateba5/nf/run/msg_files/6.jpg HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Oct 2018 15:47:06 GMT
accept-ranges: bytes
content-length: 12390
content-type: image/jpeg
date: Tue, 18 Oct 2022 10:31:30 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/~dateba5/nf/run/msg_files/5.jpg
200 OK 13 kB URL HTTP/2 secure58.webhostinghub.com/~dateba5/nf/run/msg_files/5.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:10:02 20:36:54], baseline, precision 8, 63x46, components 3\012- data
Hash e084468b76e2aadc2c89791d82f393a6
0cd0a40bce47f9d87c1f685cdb3b47f7f999e4a7
850824bff6f41d72c5954b3794f1de671a1625c6603ae0454930dd48effb79b2
GET /~dateba5/nf/run/msg_files/5.jpg HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Oct 2018 15:36:56 GMT
accept-ranges: bytes
content-length: 12690
content-type: image/jpeg
date: Tue, 18 Oct 2022 10:31:30 GMT
server: Apache
X-Firefox-Spdy: h2
secure58.webhostinghub.com/libraries/840a3e1ffno17969510790ec37fbbc3
404 Not Found 236 B URL HTTP/2 secure58.webhostinghub.com/libraries/840a3e1ffno17969510790ec37fbbc3
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 3dea6e4a74ae5c8a6b8dd3bae0de6081
0b2672db2629a86272ca21084220113c548195db
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
GET /libraries/840a3e1ffno17969510790ec37fbbc3 HTTP/1.1
Host: secure58.webhostinghub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/~dateba5/nf/run/si.html?cmd=_account-details&session=
Cookie: AMCV_9BD537045330573C0A490D44%40AdobeOrg=1176715910%7CMCIDTS%7C19284%7CMCMID%7C77997929983667913361567854683576516975%7CMCAID%7C31A740409708C92C-6000152356133EC0%7CMCOPTOUT-1666096296s%7CNONE%7CMCAAMLH-1666693896%7C6%7CMCAAMB-1666693896%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; _gcl_au=1.1.1934798655.1666089096; AMCVS_9BD537045330573C0A490D44%40AdobeOrg=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 10:31:30 GMT
server: Apache
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
200 OK 402 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP
File type ASCII text, with very long lines (608)
Size 402 kB (401632 bytes)
Hash af538c6d81d575aac0416963bea7b208
22a080678c77639132902a5ef3ead0b4d06b3120
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure58.webhostinghub.com
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 401632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 17:40:38 GMT
expires: Tue, 17 Oct 2023 17:40:38 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 60652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9624bcb757b652b34c1c211dca99cbcb
8c687bd81d8c8a3bfbe4fb979b6833059bb6aee4
08c678877ceae0113f8fe8f09a411add73af575b32d0f998ca127280d9b74573
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
9749892.fls.doubleclick.net/activityi;src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F?
200 OK 360 B URL HTTP/2 9749892.fls.doubleclick.net/activityi;src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F?
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (460), with no line terminators
Hash 349defbd6d6665014784af14172aee26
16b7727437bc184109adabfb1169097800662c38
29fd287899fecd4697cb507c64a7f1917856aa02714b2a52c54a5f2e22abdc15
GET /activityi;src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F? HTTP/1.1
Host: 9749892.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 10:31:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 360
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 18-Oct-2022 10:46:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9624bcb757b652b34c1c211dca99cbcb
8c687bd81d8c8a3bfbe4fb979b6833059bb6aee4
08c678877ceae0113f8fe8f09a411add73af575b32d0f998ca127280d9b74573
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 81cf4e66ebea53cf4c46a81c50975b4a
afc272169e9760e5a3c49ee414d8bf8405509f9f
79f1dc240bab5db7308fc64cf0ca6bc722e02ed54d38500b8c09e01be23424b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100260
Date: Tue, 18 Oct 2022 10:31:30 GMT
Etag: "634d520b-1d7"
Expires: Wed, 19 Oct 2022 14:22:30 GMT
Last-Modified: Mon, 17 Oct 2022 13:00:59 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PGQ6ad-TaiFbnsSfTa63IbVd8qB1_oJ0mF_dkzcKqD5WUWV2N0-Igg==
Age: 4891
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dacaeafb819026a188905266558de0dc
5761fb8515e08e4cc3e16a0036a1337d599a6dd8
3f016a36f39a7ca47ed44040ea6e145863cba28057cd50d972afdbd2b42053c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F
200 OK 362 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (459), with no line terminators
Hash 706903e9e371b9f00dc90efa9db2ca12
59a6121173b5f4f091fa5aee41e2d61c52f77160
7c460c80b30e0fac9a86046cd0b15294201ef135ab8af24cb79a4eaeba7ef588
GET /ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 10:31:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=71969144166578036381881623286836571825
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=71969144166578036381881623286836571825
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=71969144166578036381881623286836571825 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Tue, 18 Oct 2022 10:31:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y06AggAAAHjXpAN-; Domain=.everesttech.net; Expires=Wed, 18-Oct-2023 10:31:30 GMT; Path=/
everest_session_v2=Y06AggAAAHjXpQN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y06AggAAAHjXpAN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y06AggAAAHjXpAN-
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y06AggAAAHjXpAN-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y06AggAAAHjXpAN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure58.webhostinghub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-07188673d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y06AggAAAHjXpAN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=15816483724717103531923007151965948627; Max-Age=15552000; Expires=Sun, 16 Apr 2023 10:31:30 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WfNs2I6STas=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y06AggAAAHjXpAN-
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y06AggAAAHjXpAN-
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y06AggAAAHjXpAN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure58.webhostinghub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v044-08580ef78.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: o1F5kdjFTrM=
Content-Length: 59
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d10d6b2b6fe85a52d6e4f650d58a0260
9658c9fef7ee313e823b304b325b8594310ed752
488f2bfeef899c3f8a80ad1f0b732ea4054c57dec1939f947370b93fb9c15c63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F
302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 10:31:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;type=membersh;cat=nfcu_00;ord=5677740723080;gtm=2odbu0;auiddc=1033037360.1608248491;~oref=https%3A%2F%2Fmembership.navyfederal.org%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d10d6b2b6fe85a52d6e4f650d58a0260
9658c9fef7ee313e823b304b325b8594310ed752
488f2bfeef899c3f8a80ad1f0b732ea4054c57dec1939f947370b93fb9c15c63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 00f08958ea8e19064d2fb138c08896d0
2968d902274f4eb6e998e97dde9b409627929390
743d17e9ae74ef96183765a2216fd41868a83a484f141f0eb9ab184b7f9ba28b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.navyfederal.org/NFOAA_Auth/favicon.ico
200 OK 351 B URL HTTP/1.1 my.navyfederal.org/NFOAA_Auth/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1ff701ad319400203220d48758838e99
e603d649127b743e4c32988dd40cde0c0924c11b
4bb25e1c20ad9bb64afc21206c14f5c25140a4056b8bddc06ac554559d59c71e
GET /NFOAA_Auth/favicon.ico HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: image/x-icon
Content-Language: en-US
Content-Length: 351
Cache-Control: max-age=900
Expires: Tue, 18 Oct 2022 10:46:30 GMT
Date: Tue, 18 Oct 2022 10:31:30 GMT
Connection: keep-alive
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=86~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=665070f909e565413d339aa8f0b391c7; path=/; Secure; SameSite=None; Domain=.navyfederal.org
Strict-Transport-Security: max-age=31536000
www.googleadservices.com/pagead/conversion.js
200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP
File type ASCII text, with very long lines (2021)
Hash facf633646edbf5b62983e22d11aa160
0373848f224ca40d2982581b205a8cf28b72dd7c
ce5955eb70e6611579323a75ba5536d9af9a224a593fe1a2d8d204fa1127f524
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 18 Oct 2022 10:31:30 GMT
expires: Tue, 18 Oct 2022 10:31:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11313833467736987248
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d45fc2295607d8394cc1375e67ea8ff
c88d22b98664013b6ec40c372331de6e7c4b0542
348e8f7ed57f4cac5691bdeb4d712573e42b3bcbdf89b7211a94cc420d4a3ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 29a1220730c819706911cf734f2243b3
c710c5ddf67ee7db23733ce13a67bd587e2d4e18
76401f3cc6e10c98eeef4c6755b58d5e17e4e97059672d610dc213e09be6abd3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89666
Date: Tue, 18 Oct 2022 10:31:31 GMT
Etag: "634d2518-1d7"
Expires: Wed, 19 Oct 2022 11:25:57 GMT
Last-Modified: Mon, 17 Oct 2022 09:49:12 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h8YZXeyB_6CFCr5xN4vrpaHG0MXYyYOKztcfEpMDD8pj2MjtQx2y9g==
Age: 5805
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4e526082a1b1a7258f7e7410f0a514aa
616dbf1604ffd7cf931f2106bb5a5aa36f540a66
e18af40b1586685336b2330e88c71c5d287515eca8d5b07a7a462b06551c5ddb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 10:31:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 16 Oct 2022 09:46:09 GMT
Expires: Sun, 23 Oct 2022 09:46:08 GMT
Etag: "616dbf1604ffd7cf931f2106bb5a5aa36f540a66"
Cache-Control: max-age=428676,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75c09ac6fb810b45-OSL
b.videoamp.com/d2/66bf5dc2-726a-11ec-a92f-0bd8fa9d96c6/2929/impression?dnt=false&vpxid=2929&bwb=35&us_privacy={{US_PRIVACY_STRING}}
200 OK 42 B URL HTTP/2 b.videoamp.com/d2/66bf5dc2-726a-11ec-a92f-0bd8fa9d96c6/2929/impression?dnt=false&vpxid=2929&bwb=35&us_privacy={{US_PRIVACY_STRING}}
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /d2/66bf5dc2-726a-11ec-a92f-0bd8fa9d96c6/2929/impression?dnt=false&vpxid=2929&bwb=35&us_privacy={{US_PRIVACY_STRING}} HTTP/1.1
Host: b.videoamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 10:31:31 GMT
content-type: image/gif
content-length: 42
server: Beacon Server
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
set-cookie: vampid=d8064ed1-b09a-4053-91ec-229aabd13f13; expires=Wed, 18 Oct 2023 10:31:31 GMT; domain=.videoamp.com; path=/; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 19e7990cd87b450055801628f57bfe40
8869bbbf322291dfd468fe01553509760a764aba
4858bc26a8d7222655553e101042583abbdbcd2b988f8c59db688bab3da48801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 72660654234a907d12ed4611403301d8
74802650d747d31d15e95fbe9e08c909d9ad202a
bc2040607d1448aa2a0789b0cf7da94d2aa0107adca995b00022dc3f9a27cab3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 10:31:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 22 Oct 2022 07:57:43 GMT
ETag: "74802650d747d31d15e95fbe9e08c909d9ad202a"
Last-Modified: Tue, 18 Oct 2022 07:57:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2992
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c09ad73a7db52d-OSL
googleads.g.doubleclick.net/pagead/viewthroughconversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=g4BOY5LnJuuX7AOkh5zACg&sscte=1&crd=CJqqsQI
302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=g4BOY5LnJuuX7AOkh5zACg&sscte=1&crd=CJqqsQI
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=g4BOY5LnJuuX7AOkh5zACg&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 10:31:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=g4BOY5LnJuuX7AOkh5zACg&random=2263614139&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 18-Oct-2022 10:46:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=ViewCategory&tid=2617254381486&noscript=1
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=ViewCategory&tid=2617254381486&noscript=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=ViewCategory&tid=2617254381486&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 9352237462290180
date: Tue, 18 Oct 2022 10:31:31 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZrOVRqVVUybHV6K3RjZG1YN0pXRm9IQk1za0RrRU5VL0pQMGZzeXBGRG1YYWpPY3hJa0ZtN3pCaHRTb3ZXbHdpZy9WZkZmT3BoT0pDblh3WEl5NktMa0NYNWhZdEkyODV0UCtXTkt3TzRrOD0mendoc0EzTSswQWo5cUREVUNONVZDelNZcVNvPQ=="; Expires=Wed, 18 Oct 2023 10:31:31 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1666089091.a3762303
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2617254381486&noscript=1
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2617254381486&noscript=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2617254381486&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 6887348984470598
date: Tue, 18 Oct 2022 10:31:31 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZUZlpKMG9DOUJEam1rVHZTa1EyNWdRb1hPaUdDOVdhSUlPVHdyVjJQTUNOYndBdjhzMFNKQ0VSc3dZNUJJemI2ZmVSM1hKUGI5eFNXM05jN1Fnay9OWlZwZTkzTVhDWWNheUpGQitWOUhpOD0md1lER1BoZCtmWXRyeHc2WFVLSTBBYXU3VTlNPQ=="; Expires=Wed, 18 Oct 2023 10:31:31 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1666089091.a376231b
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
action.media6degrees.com/orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
200 OK 66 B URL HTTP/2 action.media6degrees.com/orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
IP
Hash 62cf4faca5e1d0d1782efe407b82a7bc
18e8cdcfd7a2fad02bd99351977f26cb3f81c966
0ceee345015c1e2dd3de05c039045176f1d3662aa73bf307e2d02228ca45398c
GET /orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP/1.1
Host: action.media6degrees.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9749892.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 10:31:31 GMT
content-type: text/html;charset=ISO-8859-1
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
content-language: en-US
set-cookie: JSESSIONID=BFE37AC0503351B0C6302454D2FDF839; Path=/orbserv/; HttpOnly
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75c09ad5d9b8b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 19e7990cd87b450055801628f57bfe40
8869bbbf322291dfd468fe01553509760a764aba
4858bc26a8d7222655553e101042583abbdbcd2b988f8c59db688bab3da48801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 10:31:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=g4BOY5LnJuuX7AOkh5zACg&random=2263614139&resp=GooglemKTybQhCsO&ipr=y&prhg=0
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=g4BOY5LnJuuX7AOkh5zACg&random=2263614139&resp=GooglemKTybQhCsO&ipr=y&prhg=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/683427688/?random=1704930703&cv=9&fst=1666089098363&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D5677740723080%3Bgtm%3D2odbu0%3Bauiddc%3D1033037360.1608248491%3B~oref%3Dhttps%253A%252F%252Fmembership.navyfederal.org%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=g4BOY5LnJuuX7AOkh5zACg&random=2263614139&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9749892.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 10:31:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
action.dstillery.com/orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
302 Found 0 B URL HTTP/2 action.dstillery.com/orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
IP
GET /orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 18 Oct 2022 10:31:31 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1027128&ns=2142&nc=NFCU_Membership&ncv=21&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75c09ad2ad69b51b-OSL
X-Firefox-Spdy: h2
insight.adsrvr.org/track/pxl/?adv=pcl8biy&ct=0:1psqepk&fmt=3
200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/pxl/?adv=pcl8biy&ct=0:1psqepk&fmt=3
IP
GET /track/pxl/?adv=pcl8biy&ct=0:1psqepk&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9749892.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 10:31:31 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Baloo+Paaji+2:wght@400;600&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Baloo+Paaji+2:wght@400;600&display=swap
IP
GET /css2?family=Baloo+Paaji+2:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure58.webhostinghub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 18 Oct 2022 10:31:28 GMT
date: Tue, 18 Oct 2022 10:31:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
198.46.82.25
104.18.32.68
104.88.20.141
23.36.76.226
93.184.220.29
34.255.225.203
3.126.26.70