firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 22:09:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zw2rCzkj_uLuwPkUOlrNoqSY1xNZwnTQH4DVR4wbcvmKBFUg4iIpUQ==
Age: 2985
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6704
Expires: Wed, 14 Sep 2022 00:50:39 GMT
Date: Tue, 13 Sep 2022 22:58:55 GMT
Connection: keep-alive
cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
216.119.218.33302 Moved Temporarily 0 B URL HTTP/1.0 cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
IP 216.119.218.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login?et_cid=151833&et_subid=20334149&et_mid=6360256 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.0 302 Moved Temporarily
Location: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Connection: Keep-Alive
Content-Length: 0
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yw_8_viE_N68clDJueOmJwyKXoqBODSJ3wn4NWBSo1jm473o0oLqDg==
age: 66221
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:58:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash ee39e74aad81eb64bd39b7ec432d5c7f
50b19f83319421b95b0a57a3d378224fbd5b7211
74b355d2ae8d63d6f8574c66c9ac59fc12d5f735f320f3403a6d57fe727ca110
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "74B355D2AE8D63D6F8574C66C9AC59FC12D5F735F320F3403A6D57FE727CA110"
Last-Modified: Tue, 13 Sep 2022 21:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3542
Expires: Tue, 13 Sep 2022 23:57:57 GMT
Date: Tue, 13 Sep 2022 22:58:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 22:03:22 GMT
Expires: Tue, 13 Sep 2022 22:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pW2iLqW12ky5TTJnCfFLtbBZzwCdDRVGc1OKdT-4y8oar1pLaRClpA==
Age: 3334
cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
216.119.218.33200 OK 8.3 kB URL HTTP/1.1 cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
IP 216.119.218.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1500), with CRLF, LF line terminators
Hash ae78b1a8e5cdb61d6fc6405823474638
6ba725c50245deea5843e49918e7450c24057013
697c2e50c3f5a1ea8336c6ad1b2af70a99a22388e484fdcaa23a4f3df8f4b4bd
GET /login?et_cid=151833&et_subid=20334149&et_mid=6360256 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Content-Security-Policy: style-src *.vixverify.com *.edentiti.com fast.fonts.net f.fontdeck.com *.googleapis.com ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src https://itunes.apple.com *.edentiti.com *.vixverify.com *.tt.omtrdc.net *.salesforceliveagent.com assets.adobedtm.com www.google.com www.gstatic.com *.g.doubleclick.net *.googleapis.com app.ehoundplatform.com maps.googleapis.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.optimizely.com www.adobetag.com ajax.aspnetcdn.com cdn.walkme.com 'self' 'unsafe-inline' 'unsafe-eval';style-src *.vixverify.com *.edentiti.com fast.fonts.net f.fontdeck.com *.googleapis.com ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.edentiti.com *.vixverify.com *.tt.omtrdc.net *.salesforceliveagent.com assets.adobedtm.com www.google.com www.gstatic.com *.g.doubleclick.net *.googleapis.com app.ehoundplatform.com maps.googleapis.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.optimizely.com www.adobetag.com ajax.aspnetcdn.com cdn.walkme.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src *; img-src *.edentiti.com *.vixverify.com *.force.com www.google.com www.google.com.au *.googleapis.com *.gstatic.com www.google-analytics.com *.doubleclick.net 'self' data:; font-src *.vixverify.com *.edentiti.com f.fontdeck.com fonts.gstatic.com 'self'; frame-ancestors 'self' cardholder.mastercardworldwide.com; default-src *.edentiti.com *.vixverify.com 'self';
Set-Cookie: PartnerOverride=; expires=Mon, 12-Sep-2022 22:58:56 GMT; path=/; secure; HttpOnly
LanguageCookie=en-US; path=/; secure; HttpOnly
BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
X-MiniProfiler-Ids: ["5756c1ee-0e41-4746-ac60-96747b321f75","55d8b72a-59eb-430d-967c-7e6ab523813e","0289a2bd-1364-4710-ad11-7b59804d06e7","8822b6b1-581c-4c01-86af-932643201699","187aedff-6f55-4f74-812c-f66207c17cf6","c4f8b86d-d09e-4b80-93bc-fc9e8fbcf371","f6e6e548-eead-4372-a1e8-71de416709d7","5c91ac3c-ff46-42ee-b070-cb7e28a79041","5f5f4b0c-d17b-4410-8321-40d753a66507","a43fa45e-0466-4548-a79f-039015f35115","a61b7880-f677-49db-b422-60e10562a2b0","a3b6a552-8862-4d4a-b031-7a0329c159ab","56147c61-6485-4541-b7b4-36f076825343","03cab3d2-2f38-452f-917c-ab599f98f96b","66452f23-2055-47d7-b116-da7d66863cc7","29f4bd2f-501a-42df-9f11-ea8d40313b79","541dfc87-7992-4d1b-9648-440365f72564","e678a337-39e6-4a2a-b68f-36df6a943d8f","fa62cb96-ab15-4769-bc4c-558c78b51168","27226d02-48cb-4112-8cc9-2b9cfd193188","45ecc1df-2e1f-4c31-b97a-b493c3a8617b"]
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8314
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Last-Modified: Tue, 13 Sep 2022 22:32:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-793746537
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-793746537
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 06b4688d4dc0192e469b06747cdcb122
4f040a15e37763b635101971ceb7eaedc75fdc93
919a5e96c138bb4c74de266339aea432f5d1f2af82b3d65b16f1c72b65901bef
GET /gtag/js?id=AW-793746537 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 22:58:56 GMT
expires: Tue, 13 Sep 2022 22:58:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 22:09:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 557 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 2ccc89f867610ca13b2456db03928f05
d9816baef3ded701d95b61e184d8b7fe2f473c09
fb834adb29f4d3ba0653177176a82a136a06fd8cf8c55583372eabf7212eb25b
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 13 Sep 2022 22:58:56 GMT
date: Tue, 13 Sep 2022 22:58:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-31290558-3
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-31290558-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash a32493bd7e52edf9fe6bae56e1bdc672
9ebc9374882b611b4b673b81c6aa30c3c7646fee
07582bfa543482643b273769221e93238f1eb2da11272f64b6665926e7cc562b
GET /gtag/js?id=UA-31290558-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 22:58:56 GMT
expires: Tue, 13 Sep 2022 22:58:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 22:09:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DvFO1IjlJfOuTurA8FKj4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HuJ/6Mhiw6DVGFHXPMMJyjvncWA=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8775
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:58:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8775
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:58:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8775
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:58:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8775
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:58:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 4044
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34b74681f6d64ca1c010044535056275
ef6cd4bdd5ddbdb92b25816dc82796f857d29cce
d3ffb558a261fd982989931ed8bd8e8f132735bb99fa5a42a032efdbdfbf6ce5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4482
x-amzn-requestid: e9a99ad0-f093-4c9b-87b4-13ebac164413
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5FIUoAMFcUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4438ced526ebec8e7819b700;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _et90o-4_I8qkmQuwvLolMCtcidFgElQfg9KcHeCgMiaDvxndleAgg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:20 GMT
age: 4656
etag: "ef6cd4bdd5ddbdb92b25816dc82796f857d29cce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f85dd3f15d0c55c06f712bbfb6f55fa
2c053f4774c450e42effdc440e89fb2ce232bad3
0035f6235d012f4c2ffbc8e414e82bbba3235c51e20f7b1ebebcdff47be285fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8836
x-amzn-requestid: cae5f1fa-005b-4819-900e-e0cec381e450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavYxGUCoAMF5Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f904-1be4cae92b407bed2a128109;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:41:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Edqp_EdPzoXt6xQtd24wiBzLSdqQ2HYzOGExvqkcJCUwSN5Kn7lZcQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:00:47 GMT
age: 3489
etag: "2c053f4774c450e42effdc440e89fb2ce232bad3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH396F2SIAMFnGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw==
via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 06:18:57 GMT
age: 59999
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 467dd8d3b95082f8cd91bcbcdd20e5fd
77e495af2af5678308ad8ef5485f925386f0b418
7cf3a1cd3868d2030bcaf1f8b4ce6a221d8e0d222487354b86f51cd5e4322115
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7297
x-amzn-requestid: d57a4a7d-57d7-4dc0-9382-36c72d154b12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yav61HfzIAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f9de-601c198b76e739502cb3ecfd;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:45:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l8eGAJWPb4y1bUnqba2Ae0xmUW3IjJxdEWOAgw8qOzRl3R9I-ScbTw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:12:32 GMT
age: 2784
etag: "77e495af2af5678308ad8ef5485f925386f0b418"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b13597e0a940250612993db031202d62
aba9b41b12e3bd89bb7564cfdb97e9922cd2a8d9
6d3c52dc3095ed849d6be14697d4c7f1278042ce11da4939df1237c1b1c92101
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6821
x-amzn-requestid: 884c2672-28f8-4a1a-a18e-d53c82d65645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5Es7IAMFkwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-25fa585f3ca1d8c559dc295b;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YPtX1bh_mzR9MrOXsrfw3J0gxRGuu0u5PY2ZFbxdD-Ht4fqvOfTQ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:21 GMT
age: 4655
etag: "aba9b41b12e3bd89bb7564cfdb97e9922cd2a8d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cashpassport.co.nz/themes/NZ-CPP/scripts/jquery-migrate-3.0.1.js?v=1.0.8209.27440
216.119.218.33200 OK 12 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/scripts/jquery-migrate-3.0.1.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with CRLF line terminators
Hash 474307d4a053c7311a45b7cf2deff74d
7ef3db3f10f3a5094de729d05c028dffedd19d93
1589fc7479100b06d2da4d7457313104228fb0403aa9129e269306667df52039
GET /themes/NZ-CPP/scripts/jquery-migrate-3.0.1.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 11635
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!+hdCAn/+s5pqhLNkHmLPFkdQglXvUqMJ6G3fWXvouHt9HGw1br+cYkkwIKNqmdYbYuHjzSI77xidIBs=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!309p8kxRAzAWXsUBF8NxNF9mq+xFLXAAmIFiDk9wWbYHPU4ps9zfLAutOOExLNRUlO9yNSFjcjaQ9Hs=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/scripts/svg-injector.min.js?v=1.0.8209.27440
216.119.218.33200 OK 4.6 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/scripts/svg-injector.min.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (4335), with CRLF line terminators
Hash d3602754e8c0ac5b1c6d325e1e057c59
e1d89e5bcae512187e09f32d76b7e0d22ab93c5b
828c10b2c04c4499075265b6b6e05f49d3ce905708f15d5d35dbc3a21685fefd
GET /themes/NZ-CPP/scripts/svg-injector.min.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 4587
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!8dYwWd9G8IZRmoCh6m/9pq26qiEg+ToRooWbTeJjcwnLb72Pm6L9EXC5XrwcSqD+wG93gZE3Luhjrbc=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!DOwyWWsVcynA2+3QRl0myg78ghC9gD/0Yh7aIf00sg5sWCt1GJWoXPivzxfTdVkGu111cjw8J4MAmeg=; path=/; Httponly; Secure
TS01ade106=0129c5f8e17e1df4c31f5a4efb555129bdda3c2f63b5448cbab0788bdc301d0a9cc38766fa97b37704b808a46450a39f4216a20026; Path=/; Secure; HTTPOnly
cashpassport.co.nz/media/227386/cpnzoverride.css
216.119.218.33200 OK 534 B URL HTTP/1.1 cashpassport.co.nz/media/227386/cpnzoverride.css
IP 216.119.218.33:0
File type ASCII text, with CRLF line terminators
Hash 62a2db416d29b906d94e40aa1f26bb35
6178c74befb36e7d5e1e94b7d895aae05a07effe
4aabeec0324daaa363254dcb4525893f87207e2a22fffae9979923852450c0f5
GET /media/227386/cpnzoverride.css HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 10 Aug 2022 12:13:09 GMT
Accept-Ranges: bytes
ETag: "58524c8eb2acd81:0"
Content-Security-Policy: style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 534
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!Bn4qYGPWt/401Dih6m/9pq26qiEg+WNqJ0v07rJcgyHeotYOdeP4dbYyPb2LUcK/Vb0hz+y8ZKiTiQk=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!XhQCEXtjNTfyWkjQRl0myg78ghC9gJ9NbBA8Z8w0IofwYuswqQ0088i6gT3yfvAwTgP3pW0YuSrR660=; path=/; Httponly; Secure
TS01ade106=0129c5f8e11b87f521987cbdac9c94f141099b7544c0b93e5d5a832471072444237dfac0251d0c06a477e9acf8eb68a4dbc85d9d68; Path=/; Secure; HTTPOnly
cashpassport.co.nz/scripts/angular-messages.min.js?v=1.0.8209.27440
216.119.218.33200 OK 3.1 kB URL HTTP/1.1 cashpassport.co.nz/scripts/angular-messages.min.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (514), with CRLF line terminators
Hash 5e8a2301a99507f9a9c1929af96ee6ac
209fe48ce1a9fbddec4dd22646c3969619dec16d
7d3a06eec2af5172c323d5a496c365aabca93974f92f691be6d3f6e6517d70dd
GET /scripts/angular-messages.min.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 29 Nov 2019 17:22:20 GMT
Accept-Ranges: bytes
ETag: "0ee218ed9a6d51:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 3053
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!MQd+XNuH6+oMj2uh6m/9pq26qiEg+ZQrIlAD7yCEuYzocSdYIJx1Zs1UBOb9HdN07NRDkQ7LStFjuIQ=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!E520jMlKDOO31lvQRl0myg78ghC9gPeenz/2WaOwzryZOwlNW8ioAwWI+uDPMkHWuHmPUqmH/GEIfYQ=; path=/; Httponly; Secure
TS01ade106=0129c5f8e15f9a893e643f1f5fe8fb5816d2c523e6b482b1483868ed1a74b052a5e0ed9c4a0f191e1f92064733d9b4d009380aa67c; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/scripts/jquery-3.5.0.min.js?v=1.0.8209.27440
216.119.218.33200 OK 90 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/scripts/jquery-3.5.0.min.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 7c5d886a944957e9ed1cc3c5eba023e9
723652fafe15c44f0ec6273b5383d07344db07dd
e863418bac8e02f87754f2880a927a199875150be702c34f515a6680f645f89c
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /themes/NZ-CPP/scripts/jquery-3.5.0.min.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 89495
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!95KCSBRHxfwplY6h6m/9pq26qiEg+SE117Eh8NA51x+Vod7JR3Cb0DhRmenrUy+mZ7YxENeSponJWe8=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!me5IwpMcf3h5e0XQRl0myg78ghC9gPETxm6ETX3Vbk79n62BXdMsWezMKudZswnORqCA3y9Y59unr+w=; path=/; Httponly; Secure
TS01ade106=0129c5f8e1f0e3bee87f147cdc2557d24095c092029f20c71f621e7db4aed74e6644829b3d3142f750b3f3810c931c4ddf8937c955; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/CPP-Base/scripts/buy-funnel.js?v=1.0.8209.27440
216.119.218.33200 OK 54 kB URL HTTP/1.1 cashpassport.co.nz/themes/CPP-Base/scripts/buy-funnel.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with CRLF line terminators
Hash e91c2a96ff77cbb1a0da012528c64f6b
52c340312b6091d125a599b82c7164dc08185513
ce8a8d854f997a79a200e0e263adaee1ab37dffca1553a30bf67ba0ececdef44
GET /themes/CPP-Base/scripts/buy-funnel.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 26 Jul 2021 15:23:40 GMT
Accept-Ranges: bytes
ETag: "0e632363282d71:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 53600
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!vc+cmbdgH/NTXrNkHmLPFkdQglXvUoLRP/tF/qkPq2lJhPSMybPR6Xl/1SV2Zx7NK0RDAWh2HBNwJsc=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!lIyG2TDLd2AAAyABF8NxNF9mq+xFLVtcdAeScMbtC7FE715PO0C8zjmbBuWxfwB+DQD4XQFowDZclAo=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/css/main.css?v=1.0.8209.27440
216.119.218.33200 OK 122 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/css/main.css?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (16171), with CRLF line terminators
Size 122 kB (122220 bytes)
Hash d70d7b82e3858d0ef99e640d14167724
1ecefadc98694132c279252c0424c711812e240a
484a41342cd1d39a75fb8b73b573a6bc1ddce43c11a14425bc7cba966b66e962
GET /themes/NZ-CPP/css/main.css?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!kvcivfQ2Y9oUGRNkHmLPFkdQglXvUoTgv4YYC2HIEKTlTyObSdAYaJWWdWBtoo84K7HUe46/lOTXk1E=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!9ZIBAvnumQ/7G0cBF8NxNF9mq+xFLbXlQ3iSk1cEtCGUrUbP3r3Nt4th2lS04pVelXG2APE8UTZW6KE=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
Content-Encoding: gzip
Transfer-Encoding: chunked
cashpassport.co.nz/themes/NZ-CPP/scripts/moment.min.js?v=1.0.8209.27440
216.119.218.33200 OK 52 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/scripts/moment.min.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (32013), with CRLF line terminators
Hash 19436ad9831513f90ffd2421b3d97903
f69362a97b598754a64fc8ae491ace718f651b04
5251631d756dac0ed74a7892e651437c0f8840e552f9e245c731860ab1a89581
GET /themes/NZ-CPP/scripts/moment.min.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 51471
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!mEF/S2/RjYoYYLuh6m/9pq26qiEg+c+zgItmlg96T3SL7yBCLGK8hxliv/v82Ck5K5Oe6o/tC7TwqJY=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!633Jbdd8e3zGLR7QRl0myg78ghC9gMMXtb4f0KMR1Kb69rrv4zgcIqCIEChCmTV/k+kmTK8e2KVavUQ=; path=/; Httponly; Secure
TS01ade106=0129c5f8e126cff7b66f5e621a20f37cc60296bc58420d690ecfb4f218e803c9684acad5ae909a7bc3bce23eeaaf215c45a4a7113e; Path=/; Secure; HTTPOnly
cashpassport.co.nz/Themes/CPP-Base/appBanner/app-banner.css
216.119.218.33200 OK 854 B URL HTTP/1.1 cashpassport.co.nz/Themes/CPP-Base/appBanner/app-banner.css
IP 216.119.218.33:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 93974ab40685018ea5a013af2b0f0bbc
a9c10943facda6903aa2fdad52e1efa4801ae1a7
6472e095405d4c6c6bb8ce1e3b98b358ef0e27d82de793b067143d38dbac12a6
GET /Themes/CPP-Base/appBanner/app-banner.css HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 26 Jul 2021 15:23:40 GMT
Accept-Ranges: bytes
ETag: "0e632363282d71:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!1aC5uA57TmlPnXZkHmLPFkdQglXvUhkuwlbaZqLIlOrMsL8dDGF4mcaXE/xk7efakXHECtw9JdzGNEA=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!PNBgsnqsum6m9LkBF8NxNF9mq+xFLe9wf560Cw5BLcbo+/CacS8yFXeFby4TCT7XjdAOzjPl8Ld/wjI=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
Content-Encoding: gzip
Content-Length: 854
Connection: Keep-Alive
cashpassport.co.nz/themes/NZ-CPP/scripts/app.js?v=1.0.8209.27440
216.119.218.33200 OK 69 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/scripts/app.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with CRLF line terminators
Hash b2b33e400f78b8bb32aa0cbdd071225d
e0835db57fb06e9d1d9253d083b2572c358179ef
21d09c129320f1fc1dc89ba5ea963576dcdd34291755bde08e163f527aeba3c1
GET /themes/NZ-CPP/scripts/app.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 22 Apr 2022 18:52:08 GMT
Accept-Ranges: bytes
ETag: "0bc14117a56d81:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 69273
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!OJhOcLoCJhxLsk+h6m/9pq26qiEg+Umje8zJmzHdF1inQUhJ/26DTm6fr3/srWo+44odDnHU6RUyoLc=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!MQErUj1o3jD85/LQRl0myg78ghC9gLHtV5tpESIIRMmp/dgAIBMswiYULiz/dseZsdi/FSvvxZbDQr4=; path=/; Httponly; Secure
TS01ade106=0129c5f8e1591299db54fd881e4349aa4d34246a1d5e085b275ea12c3a443cf357ce064fa0dc0e5123ae89315d3b13afa26c18cee7; Path=/; Secure; HTTPOnly
cashpassport.co.nz/scripts/angular.min.js?v=1.0.8209.27440
216.119.218.33200 OK 168 kB URL HTTP/1.1 cashpassport.co.nz/scripts/angular.min.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (566), with CRLF line terminators
Size 168 kB (167463 bytes)
Hash 3768a8a7901bb67b48170f360a9281ed
2e57ea10ecabe09e0b209839efeca99e85855a4f
64e327b8fae7a4714dd9b5205e2e665f513baa4ea29d642d1864e78ecf9745da
GET /scripts/angular.min.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 29 Nov 2019 17:22:20 GMT
Accept-Ranges: bytes
ETag: "0ee218ed9a6d51:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 167463
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!L9FwSADqt7BMHV6h6m/9pq26qiEg+YhVnoyJ2lec1wjhQrOOtvUSyyIAx96jLfEJoIUVUJKu9ArZmUI=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!Z6EHqDrZFiT5mv7QRl0myg78ghC9gFmDJrFDuGEr8EzQv7rhTrh8KNvBlVOQQUsW8XMAqKTZaqj+0Sg=; path=/; Httponly; Secure
TS01ade106=0129c5f8e17858d231fa189a1bb94311f945fa576a12a13054f06928922c458e00c170cae5f2bc7a7d9593eb69d695fdb87fccdd23; Path=/; Secure; HTTPOnly
cashpassport.co.nz/Themes/CPP-Base/appBanner/app-banner.js
216.119.218.33200 OK 5.2 kB URL HTTP/1.1 cashpassport.co.nz/Themes/CPP-Base/appBanner/app-banner.js
IP 216.119.218.33:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1fcd4b5e8beae1dea050b7b50053f0ad
53c6968ae9037a183a3c19bfb7f668638f2fda0e
3388f907e0937cb1a56be0e45ece9f933ceb9ed842348697091f3895fe283e81
GET /Themes/CPP-Base/appBanner/app-banner.js HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 14 Jun 2022 16:27:10 GMT
Accept-Ranges: bytes
ETag: "039098b80d81:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 5226
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!kVh1Y8fG5wS85a5kHmLPFkdQglXvUnMyjXbOVIAY1Q97500ow6iw1Ju86cIihMz1OewwHr5Xq69JjVw=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!mJWedsy7evQzBD0BF8NxNF9mq+xFLfZJI24YwWC68C6uzizyPEiu9DWjAQ6IHn7IAROlo/vLXzk2F2Y=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
cashpassport.co.nz/Themes/CPP-Base/appBanner/rating.css
216.119.218.33200 OK 798 B URL HTTP/1.1 cashpassport.co.nz/Themes/CPP-Base/appBanner/rating.css
IP 216.119.218.33:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3289731f5c5dc30592539a3803560a44
37c8159322bb16d879d44e2a91932d3121a0052e
6734fc1abdbec74709dab20639267b07f449fedf4d68c67d4bae4465d3ad1fc0
GET /Themes/CPP-Base/appBanner/rating.css HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 26 Jul 2021 15:23:40 GMT
Accept-Ranges: bytes
ETag: "0e632363282d71:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 798
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!PAM4e0L1Qew50+yh6m/9pq26qiEg+b8Tn+7tb5i15YKmeUHo2vteiUPh6cV7X7dQGE3ePgC0stIvpww=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!QMzUljl0+HvH+CfQRl0myg78ghC9gPZYHN6MPt1LImzBHGGZ7vFhc5aTVabI+nJHw1LaR8VGnldgzRk=; path=/; Httponly; Secure
TS01ade106=0129c5f8e1ed0bc8497bb56e113e9d2c8001901d5fc8d655c8bdc93e4b9be90aa95f995b889d756b03df7567d7ab18f2a1ed773090; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/scripts/jquery-ui-1.12.1.min.js?v=1.0.8209.27440
216.119.218.33200 OK 290 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/scripts/jquery-ui-1.12.1.min.js?v=1.0.8209.27440
IP 216.119.218.33:0
File type ASCII text, with very long lines (31432), with CRLF line terminators
Size 290 kB (289688 bytes)
Hash 2247463c33b7538afb24f47bf4c19e12
0aa658b89b4589787fe16b1ce4b980b4c03a515f
29ed483a8d69735b1d8ff1a0635c25610c6d50d6481b9ebe3b36d1a132ef8b1d
GET /themes/NZ-CPP/scripts/jquery-ui-1.12.1.min.js?v=1.0.8209.27440 HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:56 GMT
Content-Length: 289688
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!Ox9/nslMDP8v7WVkHmLPFkdQglXvUtsgduLJxqnlm9pSIlJZjaL7ZSshjXsmFsQ7uIwDcVye4n8rD1w=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!Vrp9nLdhz3f9W64BF8NxNF9mq+xFLbWjyJMXhy+V8luDvWGoxYZTqtAG/RKo93v26bvMP6UrWBJQKEY=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
cashpassport.co.nz/images/email_icon.png
216.119.218.33404 Not Found 0 B URL HTTP/1.1 cashpassport.co.nz/images/email_icon.png
IP 216.119.218.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/email_icon.png HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 0
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!S74v9yS/pNx3k/pkHmLPFkdQglXvUhKOp4a1D3j+wJJIHyPKiQeCZ6drXuLn8+jKIbhqwjzaOLzP74c=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!AXymRl63lqRDZnoBF8NxNF9mq+xFLa9dcyKqc0oJ1yPbBaMAyGi24/Ie6MUsgSP5pXPVWe1JtqWhOFA=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/images/Mastercard-logo.svg
216.119.218.33200 OK 962 B URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/images/Mastercard-logo.svg
IP 216.119.218.33:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d059e190fce03f0b301aa7271e22d4
35e33bef2c43f656d9d7e54c40c29d7282414558
827e3eff27bdfef12147f84fafb842fe8fbd3001ac7c5dc28fd1177c13066142
GET /themes/NZ-CPP/images/Mastercard-logo.svg HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 962
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!el2dKgjEV1xuKKKh6m/9pq26qiEg+WTcIBCmd1terHIkMrU6lj2HKHFmeVm/YqqpSuUYk4CFLCw/umQ=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!UMhWYoNTtXnnVvHQRl0myg78ghC9gLhFXVr8MKxUQ8y6+LFhE45pcry2VSKxEMH49ZM40Ij2HBAZQ7A=; path=/; Httponly; Secure
TS01ade106=0129c5f8e1c098055cb132dd00b6cf63db0232fc61015d0a1525e18a1515eb8413cc302f4204dce825feff88dd33175fed5872fd19; Path=/; Secure; HTTPOnly
cashpassport.co.nz/media/227219/head-logo.svg
216.119.218.33200 OK 5.6 kB URL HTTP/1.1 cashpassport.co.nz/media/227219/head-logo.svg
IP 216.119.218.33:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (319), with CRLF line terminators
Hash 4a3f485187a6067a780a208cd4bb3b45
f4e5d0ba02d47f544a4044c46cd3a6e9982583f8
758811a874131953f4168d48fe3c7c8a6b6867dd70babf6b280b5a1a46d39c37
GET /media/227219/head-logo.svg HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 15 Aug 2018 01:24:36 GMT
Accept-Ranges: bytes
ETag: "0225bba3634d41:0"
Content-Security-Policy: style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 5624
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!8nKU6RZZ8JDs/NxkHmLPFkdQglXvUsgY+RMLyMJwMNoSKKe60Ut5lSbCRzhshfoyzRw//kRY4Jfc3gM=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!g3ETDCL1UQ244WIBF8NxNF9mq+xFLex3UfXsnWW0o7/rMRRp+79G5iFFxKA18RtxCqd5mZsCvN7qqyU=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
cashpassport.co.nz/media/227282/platinum-card-1.png?width=184px&height=119px
216.119.218.33200 OK 39 kB URL HTTP/1.1 cashpassport.co.nz/media/227282/platinum-card-1.png?width=184px&height=119px
IP 216.119.218.33:0
File type PNG image data, 184 x 119, 8-bit/color RGBA, non-interlaced\012- data
Hash be7b97a4fa8390a7b0f375fda3d0ea40
2f44144440d6b6c573c25854dee52270fb95c134
ff34de2504b693e5e7e1533eebc26bf86ffc2f58e42483561a6209071df85a0f
GET /media/227282/platinum-card-1.png?width=184px&height=119px HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!cnwMTgdGCqDU43dkHmLPFkdQglXvUvNl6efrVmjEegWLnPQYzqM6utzuzPbTI602DQYlkLXEUYefAG0=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!CCXnpiWd5lyrxvUBF8NxNF9mq+xFLXXXHMXcCE5oKRm/c3b40Z0H573W3fHlHCGvyiJnzXAXMnXTueo=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public, must-revalidate, max-age=31536000
Content-Type: image/png
Expires: Wed, 13 Sep 2023 22:58:57 GMT
Last-Modified: Wed, 09 Feb 2022 13:44:43 GMT
Accept-Ranges: bytes
ETag: "f995ac31bb1dd81:0"
Vary: Accept-Encoding
ImageProcessedBy: ImageProcessor.Web/4.5.1.0
Content-Security-Policy: style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 39104
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!N1Ylrr7mFftRih6h6m/9pq26qiEg+WEzyV6AOtJSiFW+2sF/LhWrAC5nhEAAbhkjbP0s0v8GYRPuZ4U=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!Tnhjal4ets8lKmDQRl0myg78ghC9gCKOHA1ZQN09Z0dHo9uLdjQg7hXUCLtKcs2GM5ovP65kmQ04KE4=; path=/; Httponly; Secure
TS01ade106=0129c5f8e1904245669d5b0484d3fa53f3b88a33e5a1d84879858d172bd7848319f85f742272cd0cc24e0c09465737c295049889bd; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/images/back-to-top.png
216.119.218.33200 OK 1.2 kB URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/images/back-to-top.png
IP 216.119.218.33:0
File type PNG image data, 12 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b68e1ada886cc282b36803e9fc91327
8d7bd203e7ebf974d55d07840721134b55d3932d
aef3d8769bf33300dc31ddca7ebf22b438f62147b6cbd0e4217b2fb54c4fe940
GET /themes/NZ-CPP/images/back-to-top.png HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/themes/NZ-CPP/css/main.css?v=1.0.8209.27440
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!8nKU6RZZ8JDs/NxkHmLPFkdQglXvUsgY+RMLyMJwMNoSKKe60Ut5lSbCRzhshfoyzRw//kRY4Jfc3gM=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!g3ETDCL1UQ244WIBF8NxNF9mq+xFLex3UfXsnWW0o7/rMRRp+79G5iFFxKA18RtxCqd5mZsCvN7qqyU=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; _gcl_au=1.1.936412235.1663109924
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 1167
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!GRdbC2RzIRzoK5FkHmLPFkdQglXvUq5mReZUd70qvL+ib2a7WupCyO3wP5TulY8+xcIkyPdjNsxcVEY=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!7nawQ24QiJD2ilMBF8NxNF9mq+xFLe8CSl4bOwMNymlzS2XghSpEmwfE55KwJ9gEYZBetq8xyZcUPps=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 943030c144315730829302ed66ba85de
a23d3b993b40bc2f97a1566c50376e3debfd2f72
1d3194a56b7a1f4114f716c01f73235b710ef2c9711fa5369911266fd57b9fd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4747528.fls.doubleclick.net/activityi;src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256?
142.250.74.70200 OK 402 B URL HTTP/2 4747528.fls.doubleclick.net/activityi;src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521), with no line terminators
Hash bb7c46ddd0580a7549d309385135abdb
dad57462a7e0988f282d210e2a83427ff9ff2d29
aadc64aabbc79e56dc0611a43895bcac847081148c97b3f5cb0ade47b7a54c89
GET /activityi;src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256? HTTP/1.1
Host: 4747528.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 22:58:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 402
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 23:13:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 943030c144315730829302ed66ba85de
a23d3b993b40bc2f97a1566c50376e3debfd2f72
1d3194a56b7a1f4114f716c01f73235b710ef2c9711fa5369911266fd57b9fd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 865e489610a9aca58f1144d8b71ca793
c8f976066478ed67886202484d9389b6f9483321
aa26bf12832acda08d8a19d7530b4acf44ee9d8eaa9d45e7e8515906d6036b2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cashpassport.co.nz/themes/NZ-CPP/images/ico-inline-help.svg
216.119.218.33200 OK 702 B URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/images/ico-inline-help.svg
IP 216.119.218.33:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac62cfba4df67b662fdd64bdde7970ba
4c8cdd1d0920cfb845e37035e9ac06deae0a92bc
2171ee1d24f2f8e57c6590ca83f367650b0d50fd04c513b6712f744e81ced399
GET /themes/NZ-CPP/images/ico-inline-help.svg HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/themes/NZ-CPP/css/main.css?v=1.0.8209.27440
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!GRdbC2RzIRzoK5FkHmLPFkdQglXvUq5mReZUd70qvL+ib2a7WupCyO3wP5TulY8+xcIkyPdjNsxcVEY=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!7nawQ24QiJD2ilMBF8NxNF9mq+xFLe8CSl4bOwMNymlzS2XghSpEmwfE55KwJ9gEYZBetq8xyZcUPps=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; _gcl_au=1.1.936412235.1663109924
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 702
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!tBCgmvNKsF+ib3ih6m/9pq26qiEg+aWUCMkV5CgMR9TeDOZIAQt0BvKqbOBe5seRbfEBkGa9J9BnoBc=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!3RRNshkKJgi6WLjQRl0myg78ghC9gOim2VX72EROZ3Z5/NGpCmZZlHZ3bon4tDUZCXKIjRDoa+ruO0Q=; path=/; Httponly; Secure
TS01ade106=0129c5f8e1b44da1d22e617a99dfbd1f1783a67f4aaf15baaadcf0ebb0d535eff33830472480e6584ba61a03b04c04fe9edc430dec; Path=/; Secure; HTTPOnly
cashpassport.co.nz/themes/NZ-CPP/images/cb-checked.svg
216.119.218.33200 OK 418 B URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/images/cb-checked.svg
IP 216.119.218.33:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 962d6e6fd8596f323c460ccf636d4a06
83dbb8f8067111a021198251fda2fab6ebbb2093
84ab782a79d0ab5a7b5bcf734ccde8b565bf4044c1e684d0c162ea0e0e3d467a
GET /themes/NZ-CPP/images/cb-checked.svg HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/themes/NZ-CPP/css/main.css?v=1.0.8209.27440
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!GRdbC2RzIRzoK5FkHmLPFkdQglXvUq5mReZUd70qvL+ib2a7WupCyO3wP5TulY8+xcIkyPdjNsxcVEY=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!7nawQ24QiJD2ilMBF8NxNF9mq+xFLe8CSl4bOwMNymlzS2XghSpEmwfE55KwJ9gEYZBetq8xyZcUPps=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; _gcl_au=1.1.936412235.1663109924
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 418
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!i61iZL+3NxNx8WhkHmLPFkdQglXvUrDEZRM5I3lB/kfRbIKZd275zGObaRzF1fo9jLRnWal+QjckoGo=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!zCOD2FEIys+a9gIBF8NxNF9mq+xFLfRnyPbAais57tEq+3ZQV42ETOeH3+ITQaoVanUzI3oBaJOV5ds=; path=/; Httponly; Secure
TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; Path=/; Secure; HTTPOnly
adservice.google.com/ddm/fls/i/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256
142.250.74.2200 OK 401 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with no line terminators
Hash 701cf85f42bbe47840e05c84ad1e6766
a7909cef037ff727d6dbbf6413d6c308052eaba3
b560fe96ffb8f19171f62ea47eb71b4915829b0e41747a17b0793ace4f757de0
GET /ddm/fls/i/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4747528.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 22:58:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 401
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 865e489610a9aca58f1144d8b71ca793
c8f976066478ed67886202484d9389b6f9483321
aa26bf12832acda08d8a19d7530b4acf44ee9d8eaa9d45e7e8515906d6036b2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256
142.250.74.98302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 22:58:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4747528.fls.doubleclick.net/ddm/fls/r/src=4747528;type=mstrcrd;cat=cplndgpg;ord=1;num=2201878457712;gtm=2od9c0;auiddc=936412235.1663109924;~oref=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 22:41:12 GMT
expires: Wed, 14 Sep 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 1066
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
142.250.74.163200 OK 157 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (539)
Size 157 kB (157166 bytes)
Hash 026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34
GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cashpassport.co.nz
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:23:20 GMT
expires: Wed, 13 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
age: 20138
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cashpassport.co.nz/favicon.ico
216.119.218.33404 Not Found 0 B URL HTTP/1.1 cashpassport.co.nz/favicon.ico
IP 216.119.218.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/login?et_cid=151833&et_subid=20334149&et_mid=6360256
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!i61iZL+3NxNx8WhkHmLPFkdQglXvUrDEZRM5I3lB/kfRbIKZd275zGObaRzF1fo9jLRnWal+QjckoGo=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!zCOD2FEIys+a9gIBF8NxNF9mq+xFLfRnyPbAais57tEq+3ZQV42ETOeH3+ITQaoVanUzI3oBaJOV5ds=; TS01ade106=01772feb4b1ec8b69fc1b227a6288c86ad0acc790171093f89d16c122dae30807c8c15709c289c0b2ba27e24a0a8de1736ff9ed1ac; _gcl_au=1.1.936412235.1663109924
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:58:57 GMT
Content-Length: 0
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!hu3N8G/hDb6Zlyyh6m/9pq26qiEg+bt+TevVq7pLP9ZIpbGCzsnFgHhsRXjVcIF+TUSqbgfDvmmabh4=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!zXho2zEwOaf0z6LQRl0myg78ghC9gLHpIOcpWrDEUCvi5lIDWEt23MLxUBOjbUIP51hdhM6cub8rg6M=; path=/; Httponly; Secure
TS01ade106=0129c5f8e11c2c4d20574a8b1b215ea98628e880ae21f8e0642c7e5397bbeb1cdf5af2a9433ab5228ecbc94cdcb3446d122a18c027; Path=/; Secure; HTTPOnly
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/793746537/?random=1663109924827&cv=9&fst=1663109924827&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9c0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256&auid=936412235.1663109924&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/793746537/?random=1663109924827&cv=9&fst=1663109924827&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9c0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256&auid=936412235.1663109924&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2304), with no line terminators
Hash eb0b75613b75f4049110374d614696ed
804d32248cbc35559edf845e8288dd9e649fcece
3feeec7ba60616bdad8f4654aafd80ef2e502206372923dc441ccbbb8b0f5135
GET /pagead/viewthroughconversion/793746537/?random=1663109924827&cv=9&fst=1663109924827&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9c0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcashpassport.co.nz%2Flogin%3Fet_cid%3D151833%26et_subid%3D20334149%26et_mid%3D6360256&auid=936412235.1663109924&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 22:58:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1058
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 23:13:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/px?id=1007229&seg=13649873&t=1
37.252.173.38307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1007229&seg=13649873&t=1
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1007229&seg=13649873&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4747528.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 13 Sep 2022 22:58:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1007229%26seg%3D13649873%26t%3D1
AN-X-Request-Uuid: a0fc06a7-21c5-4cf8-aa87-d9f1342e919e
Set-Cookie: uuid2=2874761942247168257; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 22:58:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash af5252a819b12478c6f6b2203c354e00
3b0edac1f2444d656b1755e4ffc4e00278c4508d
51777fe7ea4763134ddeed067bef14605680952ec247ded7f4e2f999fc351738
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 22:58:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 21:58:51 GMT
Expires: Wed, 14 Sep 2022 21:58:51 GMT
ETag: "3b0edac1f2444d656b1755e4ffc4e00278c4508d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash af5252a819b12478c6f6b2203c354e00
3b0edac1f2444d656b1755e4ffc4e00278c4508d
51777fe7ea4763134ddeed067bef14605680952ec247ded7f4e2f999fc351738
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 22:58:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 21:58:51 GMT
Expires: Wed, 14 Sep 2022 21:58:51 GMT
ETag: "3b0edac1f2444d656b1755e4ffc4e00278c4508d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1007229%26seg%3D13649873%26t%3D1
37.252.173.38200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1007229%26seg%3D13649873%26t%3D1
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1007229%26seg%3D13649873%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4747528.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 13 Sep 2022 22:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9cc94463-fc03-4046-88eb-75eb0ce5e3da
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
tag.yieldoptimizer.com/ps/ps?t=s&p=1493&pg=ot&sg=hpnz
35.186.212.60302 Found 0 B URL HTTP/2 tag.yieldoptimizer.com/ps/ps?t=s&p=1493&pg=ot&sg=hpnz
IP 35.186.212.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/ps?t=s&p=1493&pg=ot&sg=hpnz HTTP/1.1
Host: tag.yieldoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4747528.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
set-cookie: ph=%7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
fbh0=%7B%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
dph=%7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
gcma=%7B%22t%22%3A0%2C%22o%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
rmxc=%7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
cktst=340100709; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
pragma: no-cache
location: https://tag.yieldoptimizer.com/ps/ps?tc=340100709&t=s&p=1493&pg=ot&sg=hpnz
content-length: 0
date: Tue, 13 Sep 2022 22:58:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tag.yieldoptimizer.com/ps/ps?t=s&p=1582&pg=ot&
35.186.212.60302 Found 0 B URL HTTP/2 tag.yieldoptimizer.com/ps/ps?t=s&p=1582&pg=ot&
IP 35.186.212.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/ps?t=s&p=1582&pg=ot& HTTP/1.1
Host: tag.yieldoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4747528.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
set-cookie: ph=%7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
fbh0=%7B%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
dph=%7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
gcma=%7B%22t%22%3A0%2C%22o%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
rmxc=%7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
cktst=320491377; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
pragma: no-cache
location: https://tag.yieldoptimizer.com/ps/ps?tc=320491377&t=s&p=1582&pg=ot&
content-length: 0
date: Tue, 13 Sep 2022 22:58:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tag.yieldoptimizer.com/ps/ps?tc=340100709&t=s&p=1493&pg=ot&sg=hpnz
35.186.212.60200 OK 2 B URL HTTP/2 tag.yieldoptimizer.com/ps/ps?tc=340100709&t=s&p=1493&pg=ot&sg=hpnz
IP 35.186.212.60:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /ps/ps?tc=340100709&t=s&p=1493&pg=ot&sg=hpnz HTTP/1.1
Host: tag.yieldoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4747528.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
set-cookie: ph=%7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
fbh0=%7B%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
dph=%7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
gcma=%7B%22t%22%3A0%2C%22o%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure
rmxc=%7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure
pragma: no-cache
content-type: text/javascript;charset=ISO-8859-1
content-length: 2
date: Tue, 13 Sep 2022 22:58:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tag.yieldoptimizer.com/ps/ps?tc=320491377&t=s&p=1582&pg=ot&
35.186.212.60200 OK 2 B URL HTTP/2 tag.yieldoptimizer.com/ps/ps?tc=320491377&t=s&p=1582&pg=ot&
IP 35.186.212.60:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /ps/ps?tc=320491377&t=s&p=1582&pg=ot& HTTP/1.1
Host: tag.yieldoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4747528.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
set-cookie: ph=%7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
fbh0=%7B%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
dph=%7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure; SameSite=None
gcma=%7B%22t%22%3A0%2C%22o%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure
rmxc=%7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Wed, 13-Sep-2023 22:58:58 GMT; Path=/; Secure
pragma: no-cache
content-type: text/javascript;charset=ISO-8859-1
content-length: 2
date: Tue, 13 Sep 2022 22:58:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash af5252a819b12478c6f6b2203c354e00
3b0edac1f2444d656b1755e4ffc4e00278c4508d
51777fe7ea4763134ddeed067bef14605680952ec247ded7f4e2f999fc351738
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 22:58:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 21:58:51 GMT
Expires: Wed, 14 Sep 2022 21:58:51 GMT
ETag: "3b0edac1f2444d656b1755e4ffc4e00278c4508d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
pixel.mathtag.com/event/js?mt_id=1418716&mt_adid=222953&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
2.18.172.207200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1418716&mt_adid=222953&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 2.18.172.207:0
Hash 786af0f058aad02722fa39adf0ea0561
0f513b05fd3bf32dc40269cfdd1aa07259fcc8eb
e8a30b14b1fd5c85c3815fcf2254341d8a291e41e928b91b602c5998591e9bfc
GET /event/js?mt_id=1418716&mt_adid=222953&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4747528.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master cdg-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 13 Sep 2022 22:58:57 GMT
Date: Tue, 13 Sep 2022 22:58:58 GMT
Connection: keep-alive
Set-Cookie: uuid=3ec26321-0b32-4300-971c-9ec321f3c96a; domain=.mathtag.com; path=/; expires=Wed, 11-Oct-2023 22:58:58 GMT; SameSite=None; Secure
pixel.mathtag.com/sync/iframe?mt_uuid=3ec26321-0b32-4300-971c-9ec321f3c96a&no_iframe=1&mt_adid=222953&source=mathtag
2.18.172.207200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=3ec26321-0b32-4300-971c-9ec321f3c96a&no_iframe=1&mt_adid=222953&source=mathtag
IP 2.18.172.207:0
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=3ec26321-0b32-4300-971c-9ec321f3c96a&no_iframe=1&mt_adid=222953&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4747528.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master cdg-pixel-x11 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 13 Sep 2022 22:58:57 GMT
Date: Tue, 13 Sep 2022 22:58:58 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 296820
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8724017;type=invmedia;cat=3exvtpgh;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5707951161249.231;~oref=https://4747528.fls.doubleclick.net/
142.250.74.98200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8724017;type=invmedia;cat=3exvtpgh;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5707951161249.231;~oref=https://4747528.fls.doubleclick.net/
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=8724017;type=invmedia;cat=3exvtpgh;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5707951161249.231;~oref=https://4747528.fls.doubleclick.net/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 22:58:58 GMT
expires: Tue, 13 Sep 2022 22:58:58 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
2.18.172.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 2.18.172.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=3ec26321-0b32-4300-971c-9ec321f3c96a&no_iframe=1&mt_adid=222953&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master cdg-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 13 Sep 2022 22:58:57 GMT
Date: Tue, 13 Sep 2022 22:58:58 GMT
Connection: keep-alive
Set-Cookie: uuid=e0dd6321-0b32-4600-bb64-b81957f11afa; domain=.mathtag.com; path=/; expires=Wed, 11-Oct-2023 22:58:58 GMT; SameSite=None; Secure
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1X79jBMZa4UQmWsLdg_QIg5MQeersp1O3iSgpKd6R2f8Kl7PAJh0hQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:49:32 GMT
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
age: 4171
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cashpassport.co.nz/themes/NZ-CPP/images/ico-warn-msg.svg
216.119.218.33200 OK 780 B URL HTTP/1.1 cashpassport.co.nz/themes/NZ-CPP/images/ico-warn-msg.svg
IP 216.119.218.33:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 19d1b337f071f30ba1af872a711c29af
29e6702834830ef1198d093f9118427e8b1a153e
c1826148d353cf46a9aa224368450a41561af3f0f63fee735d508819865cef64
GET /themes/NZ-CPP/images/ico-warn-msg.svg HTTP/1.1
Host: cashpassport.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/themes/NZ-CPP/css/main.css?v=1.0.8209.27440
Cookie: LanguageCookie=en-US; BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!el2dKgjEV1xuKKKh6m/9pq26qiEg+WTcIBCmd1terHIkMrU6lj2HKHFmeVm/YqqpSuUYk4CFLCw/umQ=; BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!UMhWYoNTtXnnVvHQRl0myg78ghC9gLhFXVr8MKxUQ8y6+LFhE45pcry2VSKxEMH49ZM40Ij2HBAZQ7A=; TS01ade106=0129c5f8e1c098055cb132dd00b6cf63db0232fc61015d0a1525e18a1515eb8413cc302f4204dce825feff88dd33175fed5872fd19
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 04 Nov 2020 20:01:16 GMT
Accept-Ranges: bytes
ETag: "0cee440e5b2d61:0"
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Sep 2022 22:59:03 GMT
Content-Length: 780
Vary: Accept-Encoding
Set-Cookie: BIGipServertcw.dmz2.mastercard.int.NZ-https-pool=!ggjDMkm1S0AxHldkHmLPFkdQglXvUtGB+1v3G3lmZeUrB3zFAhYBt1oQsoglVDyksMdVac9GaHxbMcg=; path=/; Httponly; Secure
BIGipServertcw.mpms.mastercard.com.NZ-https-pool=!eXzjPezjLtMnvnYBF8NxNF9mq+xFLbdJyxcyvsOJsB2RkFVn6qX/hGekmVXZaH5M/HWZLt8G9Rqak5M=; path=/; Httponly; Secure
TS01ade106=01772feb4b0dfad3b7ac4e64e85564a9ddd8434c8ef9889f109c969b63e7b75219ae4c9ace7126c0cc89598662b4bfd5b69f8e3c3c; Path=/; Secure; HTTPOnly
fonts.googleapis.com/css?family=Miriam+Libre:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Miriam+Libre:400,700
IP 142.250.74.10:0
GET /css?family=Miriam+Libre:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashpassport.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 22:58:56 GMT
date: Tue, 13 Sep 2022 22:58:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2