urlscan.io logo urlscan.io
SecurityTrails logo

app.next.nuorder.com Open in urlscan Pro
34.107.179.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.next.nuorder.com/
Effective URL: https://app.next.nuorder.com/
Submission: On January 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 13 domains to perform 49 HTTP transactions. The main IP is 34.107.179.221, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is app.next.nuorder.com. The Cisco Umbrella rank of the primary domain is 155124.
TLS certificate: Issued by GTS CA 1D4 on December 20th 2023. Valid for: 3 months.
This is the only time app.next.nuorder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    34.107.179.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.179.107.34.bc.googleusercontent.com
app.next.nuorder.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    35.190.40.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.40.190.35.bc.googleusercontent.com
assets.nuorder.com
4    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
1    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
9    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
5    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
1    13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
2    52.205.126.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-126-0.compute-1.amazonaws.com
events.launchdarkly.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
1    34.208.13.71 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-13-71.us-west-2.compute.amazonaws.com
m.stripe.com
1    34.96.110.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.110.96.34.bc.googleusercontent.com
cdn.wootric.com
3    2a04:4e42:200::622 (None, )

ASN- ()
fast.appcues.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.155.246.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-246-37.us-west-2.compute.amazonaws.com
api.segment.io
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::2008 (None, )

ASN- ()
www.googletagmanager.com
1    2001:4860:4802:34::36 (None, )

ASN- ()
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
12 nuorder.com
app.next.nuorder.com — Cisco Umbrella Rank: 155124
assets.nuorder.com — Cisco Umbrella Rank: 183744
7 MB
9 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1697
82 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227
q.stripe.com — Cisco Umbrella Rank: 7010
m.stripe.com — Cisco Umbrella Rank: 1188
166 KB
7 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 589
clientstream.launchdarkly.com — Cisco Umbrella Rank: 963
events.launchdarkly.com — Cisco Umbrella Rank: 886
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com
21 KB
3 appcues.com
fast.appcues.com
135 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315
16 KB
1 googletagmanager.com
www.googletagmanager.com
85 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1326
178 B
1 wootric.com
cdn.wootric.com — Cisco Umbrella Rank: 7653
63 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 170
324 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
961 B
49 13
Domain Requested by
9 cdn.segment.com assets.nuorder.com
cdn.segment.com
7 assets.nuorder.com app.next.nuorder.com
assets.nuorder.com
5 app.next.nuorder.com 1 redirects assets.nuorder.com
4 app.launchdarkly.com assets.nuorder.com
3 fast.appcues.com cdn.segment.com
fast.appcues.com
3 q.stripe.com app.next.nuorder.com
3 js.stripe.com assets.nuorder.com
js.stripe.com
2 www.google-analytics.com cdn.segment.com
assets.nuorder.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 events.launchdarkly.com assets.nuorder.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 api.segment.io assets.nuorder.com
1 cdn.wootric.com cdn.segment.com
1 m.stripe.com m.stripe.network
1 clientstream.launchdarkly.com app.next.nuorder.com
1 sentry.io assets.nuorder.com
1 fonts.googleapis.com app.next.nuorder.com
49 19

This site contains links to these domains. Also see Links.

Domain
www.nuorder.com
helpdesk.nuorder.com
Subject Issuer Validity Valid
nuorder.com
GTS CA 1D4		 2023-12-20 -
2024-03-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
assets.nuorder.com
GTS CA 1D4		 2023-12-04 -
2024-03-03		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02		 2023-06-21 -
2024-07-20		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
cdn.wootric.com
GTS CA 1D4		 2024-01-10 -
2024-04-09		 3 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-05 -
2024-09-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.next.nuorder.com/
Frame ID: 4A035B5FD649C99DC78A7DC6E4B102D0
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 0E5B3F455AA7B937DC62B629CEBCF233
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 58C4FD8FC6289D6066B3E55118C31DE1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NuORDERNuORDER by Lightspeed

Page URL History Show full URLs

  1. http://app.next.nuorder.com/ HTTP 307
    https://app.next.nuorder.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

49
Requests

98 %
HTTPS

33 %
IPv6

13
Domains

19
Subdomains

19
IPs

2
Countries

7259 kB
Transfer

29624 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.next.nuorder.com/ HTTP 307
    https://app.next.nuorder.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.next.nuorder.com/
Redirect Chain
  • http://app.next.nuorder.com/
  • https://app.next.nuorder.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.179.107.34.bc.googleusercontent.com
Software
/
Resource Hash
03d23e697993ada23b4fd4d8b3053039b98542fb201764603ac8c77b93677899

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
1598
content-type
text/html; charset=utf-8
date
Thu, 18 Jan 2024 17:55:38 GMT
etag
j6IRV4ZszywonwL40EGmyoW05mY=
vary
Accept-Encoding
via
1.1 google
x-nu-req-id
cmkmc6jdkpbnelrgjg90

Redirect headers

Content-Length
65
Content-Type
text/html; charset=utf-8
Date
Thu, 18 Jan 2024 17:55:37 GMT
Location
https://app.next.nuorder.com/
Via
1.1 google
X-Nu-Req-Id
cmkmc6bdkpbnelrgjg7g
css
fonts.googleapis.com/ 		4 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Cardo:400,700
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
446a15787617b57aee8eb261f42286ff6ee0cbad9f6c2ee948a3fff877506b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Jan 2024 17:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 17:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jan 2024 17:55:38 GMT
vendor.5c838677.js
assets.nuorder.com/assets/423612/gz/static/js/ 		15 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d796a8ea1bace7323133b3936f21daf2777da60866a170d03662d7c582bffe37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 20:38:28 GMT
content-encoding
gzip
age
76630
x-guploader-uploadid
ABPtcPrh-uIvGWPUzrsROpQlTYetrIhTgGvpahmfoaHpmRxTlui-YG0glk-it4FepmnmKDULRKg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046652
last-modified
Wed, 17 Jan 2024 20:30:05 GMT
server
UploadServer
etag
"77f0282acdd4d1e93187063798d101ae"
vary
Accept-Encoding
x-goog-generation
1705523405129258
x-goog-hash
crc32c=V16Kzg==, md5=d/AoKs3U0ekxhwY3mNEBrg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=2592000
x-goog-stored-content-length
4046652
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 16 Feb 2024 20:38:28 GMT
main.55fcef39.js
assets.nuorder.com/assets/423612/gz/static/js/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/assets/423612/gz/static/js/main.55fcef39.js
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3245a3c749dd1ffc1afd1d8a090275c7a8f8d8722f5d25398ff9d29e47860ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 20:38:28 GMT
content-encoding
gzip
age
76630
x-guploader-uploadid
ABPtcPoH4uBmtSy6VsUr26q-fAbqksfr3GqkDNRF8OOtKodC2FcZBAkGB0wzniboADqm7jvAvVc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5458
last-modified
Wed, 17 Jan 2024 20:30:04 GMT
server
UploadServer
etag
"5757cd4d27e96989781c1df8b3921f83"
vary
Accept-Encoding
x-goog-generation
1705523404478270
x-goog-hash
crc32c=de2qog==, md5=V1fNTSfpaYl4HB34s5Ifgw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=2592000
x-goog-stored-content-length
5458
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 16 Feb 2024 20:38:28 GMT
main.js
assets.nuorder.com/na/v0.26.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/na/v0.26.0/main.js
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ab3d910b8df109637ab69abfedd1eec08c8fd862731e9a20842549045e5f0d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 19:53:47 GMT
content-encoding
gzip
age
1116111
x-guploader-uploadid
ABPtcPrxwp_SQS-F_TYXaO7GNEB69nm33dtmsqjRjRPQ6uVlS7m72YM5HglFA3N9MI5Clz4wunjCE_z4Ug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3146
last-modified
Thu, 30 Jan 2020 23:33:09 GMT
server
UploadServer
etag
"323d8d486275e101f52d46574af5b303"
vary
Accept-Encoding
x-goog-generation
1580427189035562
x-goog-hash
crc32c=5PKUkw==, md5=Mj2NSGJ14QH1LUZXSvWzAw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=2592000
x-goog-stored-content-length
3146
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Feb 2024 19:53:47 GMT
58492e5e-43a0-4c11-836a-6a6f1569954f
https://app.next.nuorder.com/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://app.next.nuorder.com/58492e5e-43a0-4c11-836a-6a6f1569954f
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04490fc9a924a388e251ea7f6e46d4eabd92f15bc1fa4c9c5a9ab429010c5d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
3399
Content-Type
remoteEntry.js
app.next.nuorder.com/federated/payments/ 		509 KB
511 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.next.nuorder.com/federated/payments/remoteEntry.js
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/main.55fcef39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.179.107.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
92a2efef1ed85d0ea2e0ceee1bae2f3092f9ffb87850811b255e0e1da08ee3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:39 GMT
via
1.1 google
last-modified
Tue, 16 Jan 2024 20:50:39 GMT
etag
W/"7f5b1-18d140a5918"
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
521649
x-nu-req-id
cmkmc6rtfmtjs38qgbd0
3.30113366.chunk.js
assets.nuorder.com/assets/423612/gz/static/js/ 		10 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/assets/423612/gz/static/js/3.30113366.chunk.js
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/main.55fcef39.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:08:02 GMT
content-encoding
gzip
age
74857
x-guploader-uploadid
ABPtcPpPkPN0QsHRwUO3_NNk11o8waH7c9Yz8IXpzfMYXQoQ5heJvD9MGZNbIidmDMHJc8G54VfpZDSXPQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2088156
last-modified
Wed, 17 Jan 2024 20:30:05 GMT
server
UploadServer
etag
"ef43781ff4dbf8dd608c0ab6923e8726"
vary
Accept-Encoding
x-goog-generation
1705523405566553
x-goog-hash
crc32c=7mr9Tg==, md5=70N4H/Tb+N1gjAq2kj6HJg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=2592000
x-goog-stored-content-length
2088156
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 16 Feb 2024 21:08:02 GMT
60dbd2b4ce62f1240b46c75a
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/60dbd2b4ce62f1240b46c75a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://app.next.nuorder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 18 Jan 2024 17:55:42 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220114-FRA
x-timer
S1705600543.677242,VS0,VE1
eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/60dbd2b4ce62f1240b46c75a/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/60dbd2b4ce62f1240b46c75a/users/eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsImFub255bW91cyI6dHJ1ZX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://app.next.nuorder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 18 Jan 2024 17:55:42 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220114-FRA
x-timer
S1705600543.677286,VS0,VE3
/
sentry.io/api/42876/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/42876/envelope/?sentry_key=8567f9c498274c3bb9e0ca3c25ab8ae1&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.17.3
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.next.nuorder.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Jan 2024 17:55:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
analytics.min.js
cdn.segment.com/analytics.js/v1/t027uc6luh/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44b48d8767b303804abccb43c8a22299c8b1a1bd9a711bab0c84fc946f4c0f8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
RVP4rJVPqxTho65xehsnJ5PgL08WGU0i
content-encoding
br
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 17:54:43 GMT
x-amz-cf-pop
FRA6-C1
age
60
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 17 Jan 2024 20:12:12 GMT
server
AmazonS3
etag
W/"a0f13a4445d2c019f1c29931b8db019e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
44TwrlyRuVU-k5BJdF3i5xFoM_x7HH5jKSd3Jgae0pZi5Odo70MbSg==
60dbd2b4ce62f1240b46c75a
app.launchdarkly.com/sdk/goals/ 		2 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/60dbd2b4ce62f1240b46c75a
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/na/v0.26.0/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.next.nuorder.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Thu, 18 Jan 2024 17:55:42 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220114-FRA
x-timer
S1705600543.718676,VS0,VE14
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
v3
js.stripe.com/ 		585 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ab5896c4f28152942b089d685fefcb1ab59c91c345b73a44da1d416119124ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 17:55:42 GMT
via
1.1 varnish
age
29
x-cache
HIT
content-length
166030
x-request-id
97f6ae33-0ad0-45ac-8291-94f404d1eec1
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 18 Jan 2024 05:59:09 GMT
server
Fastly
etag
"7186d200916e5464e2e931eb575481e8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17
eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/60dbd2b4ce62f1240b46c75a/users/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/60dbd2b4ce62f1240b46c75a/users/eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsImFub255bW91cyI6dHJ1ZX0
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/na/v0.26.0/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e48c2094d6d1f04a76fe020f14f5fbfb8a79de60ee524c9a90223a73d0087477

Request headers

Referer
https://app.next.nuorder.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:42 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
1171
x-served-by
cache-fra-etou8220028-FRA, cache-fra-etou8220114-FRA
x-timer
S1705600543.720308,VS0,VE5
etag
"748dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
me
app.next.nuorder.com/_a_p_i_/ 		12 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.next.nuorder.com/_a_p_i_/me
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/na/v0.26.0/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.179.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.179.107.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
88f5b88a40723f5fbb9b701a79c36509741029c72c51ca5f516d8187dcef6bae

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
accept
application/json
module
default
Referer
https://app.next.nuorder.com/
x-requested-with
XMLHttpRequest
active-brand

Response headers

date
Thu, 18 Jan 2024 17:55:42 GMT
via
1.1 google
x-powered-by
Express
request-id
a98c7d66-3f2e-4082-8b73-779b49ce9b1c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
x-nu-req-id
cmkmc7iqs65jm0ns4udg
forward
https://app.next.nuorder.com/
etag
W/"c-uQ8lVl3yEAqq6+DayUEVNrmi0Ko"
access-control-max-age
1728000
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
wholesale.next.nuorder.com
access-control-expose-headers
Content-Type,Next,*
x-cloud-trace-context
58962bd5911121681503f798de144806/3604642054145952249;o=1
access-control-allow-credentials
true
access-control-allow-headers
Accept,Content-Type,X-Requested-With,module,Active-Brand,CampaignId,Cache-Control,X-HTTP-Method-Override,Content-Length,Modified-On,Authorization,User-Agent
settings
cdn.segment.com/v1/projects/t027uc6luh/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/t027uc6luh/settings
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37167e47c7d3e37905651231fbd6070353623e2541d17586112dd6c1613475ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
bEDVr5J60umLhm7oD1h.luzPHLA0T8xu
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 15:28:18 GMT
x-amz-cf-pop
FRA6-C1
age
8926
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Sep 2022 21:09:17 GMT
server
AmazonS3
etag
W/"ec33ca02ede7254f166c3a275ed75b05"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
huotvehhXjlfUoFeMWC9innhSOKFark3TeCQQdSd06i5m4Ad9-L0Sw==
eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsImFub255bW91cyI6dHJ1ZX0
clientstream.launchdarkly.com/eval/60dbd2b4ce62f1240b46c75a/ 		6 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/60dbd2b4ce62f1240b46c75a/eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsImFub255bW91cyI6dHJ1ZX0
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://app.next.nuorder.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:42 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
60dbd2b4ce62f1240b46c75a
events.launchdarkly.com/events/diagnostic/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/60dbd2b4ce62f1240b46c75a
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/na/v0.26.0/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.205.126.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-126-0.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.next.nuorder.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0E5B 		200 B
819 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.next.nuorder.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3757429
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 18 Jan 2024 17:55:42 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
694487
x-content-type-options
nosniff
x-request-id
76916000-bd84-4418-ba67-cdd48b637965
x-served-by
cache-fra-etou8220033-FRA
60dbd2b4ce62f1240b46c75a
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/60dbd2b4ce62f1240b46c75a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.205.126.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-126-0.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://app.next.nuorder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=31536000
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 0E5B 		526 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 17:55:42 GMT
via
1.1 varnish
age
3678448
x-cache
HIT
content-length
315
x-request-id
6c01336a-88b3-41a5-a5b1-6b362724bfca
x-served-by
cache-fra-etou8220033-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
662760
csp-report
q.stripe.com/ Frame 0E5B 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705600543450964
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1705600543450443
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0E5B 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705600543450774
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1705600543450458
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id
p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding
br
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5519235
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 Nov 2023 20:12:01 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
34VuQedmN1E8T6vXscHcuRuu1HeaexCRhlE1zrK6_SeR9d6PD0yQNw==
inner.html
m.stripe.network/ Frame 58C4 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
111
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 18 Jan 2024 17:55:42 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
115
x-content-type-options
nosniff
x-request-id
e0aa541f-26d5-48f1-bd56-1f7c4d529e1c
x-served-by
cache-fra-etou8220033-FRA
x-timer
S1705600543.985089,VS0,VE0
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 16:42:23 GMT
x-amz-version-id
ImHr9JVwNOQx3sB3unWxqI5ddwoeSEnO
content-encoding
br
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3806000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 01 Dec 2023 20:22:01 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
0-WFIlwmK2bRa8cxU-kS0Dgnhh9qWKUGRWPxBKjcL6gNB8iGX7CFcw==
en.json
assets.nuorder.com/assets/423612/gz/locales/ 		550 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/assets/423612/gz/locales/en.json?_v=4.90.1
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad4c10960cc62f1108eecb9e9e5a873e3564d3b20a0e278c05a89767c7556555

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:34:47 GMT
content-encoding
gzip
age
73256
x-guploader-uploadid
ABPtcPojgpsqq_11bJIhUBDZ1yRB9xU2rmG02kGOxeZbWJYkZU0HOy12yOTxAQDy0ZV9rqIEnpDd6bF70g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53540
last-modified
Wed, 17 Jan 2024 20:30:10 GMT
server
UploadServer
etag
"1e81555590f51445805e9ba4985880c5"
vary
Accept-Encoding
x-goog-generation
1705523410722345
x-goog-hash
crc32c=/9nJ3A==, md5=HoFVVZD1FEWAXpukmFiAxQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2592000
x-goog-stored-content-length
53540
accept-ranges
bytes
content-type
application/json
expires
Fri, 16 Feb 2024 21:34:47 GMT
en.json
assets.nuorder.com/assets/423612/gz/messages/ 		497 KB
93 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/assets/423612/gz/messages/en.json?_v=4.90.1
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8f154c170fbebc54b2c7cebb328adc226f451da366a6f8a7b3988641eb367dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:34:47 GMT
content-encoding
gzip
age
73256
x-guploader-uploadid
ABPtcPq5nLZoty8At2YmHLg3pZGlCYjlrrGbuLFf45n3wvREhMIIttkxqHscCQS8hD0462i_ErVorkG2_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95443
last-modified
Wed, 17 Jan 2024 20:30:10 GMT
server
UploadServer
etag
"356b0026efcc674c406ad060e8dab745"
vary
Accept-Encoding
x-goog-generation
1705523410168286
x-goog-hash
crc32c=EM9Nhg==, md5=NWsAJu/MZ0xAatBg6Nq3RQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2592000
x-goog-stored-content-length
95443
accept-ranges
bytes
content-type
application/json
expires
Fri, 16 Feb 2024 21:34:47 GMT
csp-report
q.stripe.com/ Frame 58C4 		0
492 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.next.nuorder.com
URL: https://app.next.nuorder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705600543451225
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1705600543450514
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 58C4 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 18 Jan 2024 17:55:43 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
296
x-cache
HIT
content-length
15509
x-request-id
7f076d4d-06e6-43c8-b221-460593cf3bd4
x-served-by
cache-fra-etou8220033-FRA
server
Fastly
x-timer
S1705600543.033778,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
250
wootric.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/wootric/2.5.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/wootric/2.5.1/wootric.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84858a368e3402c008bf42c50dbf2519d0a9e170cb7641fffccd0c2ae201e36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:42:50 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id
VXEp56Z4gXzW7CmcyC1Y_HuqjnsBpA_D
x-amz-cf-pop
FRA6-C1
age
6235974
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1562
last-modified
Wed, 18 Oct 2023 10:36:35 GMT
server
AmazonS3
etag
"1713bfc54ef24550237107dd7bebaee3"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
D23RqQkXsW9jEqC-KUyiqSRsvM_oG2bb__uSmcUCGmTjZU8-ZdJI_g==
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:32:32 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id
K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5
x-amz-cf-pop
FRA6-C1
age
724992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4743
last-modified
Wed, 18 Oct 2023 10:36:35 GMT
server
AmazonS3
etag
"36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
Ulmqq5G0eS7gdlZLj31KooEN-Au3EQSW4PQ0JauRwBVEHPMdyyUJxA==
appcues.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/appcues/2.3.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/appcues/2.3.0/appcues.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a9a890316fd4fe4fc0d9690bf696319281d956209a2ce934ff8ecea344c3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:57:57 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id
7f9MWjsfLa18ebRbeVcfPpxtVBHcudXq
x-amz-cf-pop
FRA6-C1
age
6681467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1179
last-modified
Wed, 18 Oct 2023 10:36:34 GMT
server
AmazonS3
etag
"905c12e41319765b76dedc0709cdbf70"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
YbQtlF3EEnTKjLznlMX9FXqOi8_i4xsgUojLT12RZwC24sHtiWMR_A==
visual-tagger.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:34:12 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id
sNX0NqyV6EiU6DwSR4k5F9Tn9jdFjobZ
x-amz-cf-pop
FRA6-C1
age
6060091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15523
last-modified
Wed, 18 Oct 2023 10:36:35 GMT
server
AmazonS3
etag
"22f964b449ca210bdea17404f4624ac9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
zoAF5PffuWWRTAWA9KTIItDhllqC0d8K4yEL3fkJ_P3mGmGdqk2-yA==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t027uc6luh/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:46:40 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id
uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
x-amz-cf-pop
FRA6-C1
age
1994944
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 18 Oct 2023 10:36:32 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
sE0SyU_S9PNbG3Lo7OYp6JjmqIlO53sV3AXjKXBHiQX7kcbZspLdzA==
6
m.stripe.com/ Frame 58C4 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.13.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-13-71.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
45e973727df502089a9f068a5cd63c996f33d76b4b428e5d4373bee0494f977d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705600543662865
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1705600543662544
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
wootric-sdk.js
cdn.wootric.com/ 		248 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wootric.com/wootric-sdk.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.110.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.110.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa5695da4c002a07679aa0472afbfa352a2fd479acc127902ec35ae30d048c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:09 GMT
content-encoding
gzip
age
34
x-guploader-uploadid
ABPtcPoQ4cmSiuCS47KYAlqqLXg1ZRB6kGdKi1AThywh6QzjVEIfckm3hBk0r4EqvHCq9plDeYg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64007
last-modified
Thu, 16 Nov 2023 05:14:25 GMT
server
UploadServer
etag
"2859c78508d6b5a1f904124d6de34eb6"
vary
Accept-Encoding
x-goog-hash
crc32c=Uot7/w==, md5=KFnHhQjWtaH5BBJNbeNOtg==
x-goog-generation
1700111664930723
content-language
en
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
64007
accept-ranges
bytes
expires
Thu, 18 Jan 2024 18:55:09 GMT
60102.js
fast.appcues.com/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/60102.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
ac280dba6facff737f89c4040ba2b6aac07f8d755acee04a59be310733a0de4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:43 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
5168
x-request-id
F6uCqHAbhvxqjKaYuOqE
x-served-by
cache-sof1510021-SOF
server
Cowboy
x-timer
S1705600543.348665,VS0,VE580
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 17:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
454
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Jan 2024 19:48:09 GMT
p
api.segment.io/v1/ 		21 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/vendor.5c838677.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-246-37.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.next.nuorder.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.next.nuorder.com
date
Thu, 18 Jan 2024 17:55:43 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
31.718c9faa.chunk.js
assets.nuorder.com/assets/423612/gz/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nuorder.com/assets/423612/gz/static/js/31.718c9faa.chunk.js
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/main.55fcef39.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.40.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.40.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
30c1a23226a5ebe8101c15f9643c201e0686ecee63ca80ed640c66712997d6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:27:30 GMT
content-encoding
gzip
age
73693
x-guploader-uploadid
ABPtcPof3tia57a0RX-IhRNN821evvc6DIFmsjPFj5I_3dPRp8X3RvlJrt-GRnCF31lRwuiBmDw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1864
last-modified
Wed, 17 Jan 2024 20:30:03 GMT
server
UploadServer
etag
"f21a1fb79356f2738bc840cc8acc208c"
vary
Accept-Encoding
x-goog-generation
1705523403121874
x-goog-hash
crc32c=Cxygqg==, md5=8hoft5NW8nOLyEDMiswgjA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=2592000
x-goog-stored-content-length
1864
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 16 Feb 2024 21:27:30 GMT
smart-orders
app.next.nuorder.com/_a_p_i_/api/v3.0/ 		41 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.next.nuorder.com/_a_p_i_/api/v3.0/smart-orders
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/assets/423612/gz/static/js/3.30113366.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.179.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.179.107.34.bc.googleusercontent.com
Software
order /
Resource Hash
9145240936071e6bbd225c0e79b774fd12a52bc54e56ce392f55bc8f48b01632

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
module
default
Referer
https://app.next.nuorder.com/
x-requested-with
XMLHttpRequest
Active-Brand
undefined

Response headers

date
Thu, 18 Jan 2024 17:55:43 GMT
via
1.1 google
server
order
access-control-max-age
1728000
access-control-allow-methods
GET,POST,PATCH,PUT,DELETE,OPTIONS,HEAD
content-type
application/json
access-control-allow-origin
wholesale.next.nuorder.com
access-control-expose-headers
Content-Type,Next,*
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Content-Type,X-Requested-With,module,Active-Brand,campaignid,X-HTTP-Method-Override,Content-Length,Modified-On,Authorization
content-length
41
x-nu-req-id
cmkmc7qqs65jm0ns507g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Cardo:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.next.nuorder.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:36:20 GMT
x-content-type-options
nosniff
age
267563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Jan 2025 15:36:20 GMT
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1828153821&t=pageview&_s=1&dl=https%3A%2F%2Fapp.next.nuorder.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NuORDER&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABAAAAACgCIAB~&jid=546841606&gjid=1328351750&cid=1155791155.1705600544&tid=UA-24908472-1&_gid=1191578405.1705600544&_r=1&_slc=1&z=1056671623
Requested by
Host: assets.nuorder.com
URL: https://assets.nuorder.com/na/v0.26.0/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
737844601453563892af482ed659137e504ab66328486c56be18de0701a36a06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.next.nuorder.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 17:55:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.next.nuorder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RNRZFSCG1H&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37096b794d33c53a357c367d649c6117bae6545f716318f12417bf68ce18065c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86483
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Jan 2024 17:55:44 GMT
appcues.main.2e1a7af3d1edc109498384420a442364dde6b93c.js
fast.appcues.com/generic/main/4.60.65/ 		449 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.60.65/appcues.main.2e1a7af3d1edc109498384420a442364dde6b93c.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/60102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b6b1cdf808e68e7bb93db0164b06766ab8a3fe4d6235187119c8a3bc261bd86

Request headers

Referer
https://app.next.nuorder.com/
Origin
https://app.next.nuorder.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:44 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
E92QM1H9HS6ZDD1R
age
775221
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
129770
x-amz-id-2
XD3DuevqJSh7cu7rEw8oFblPY8x4VgtXDAid++LoOzkp1Sq6aHm3h1wBqCa2KttXtn1cZ+seyhEp4UkRLcW/Iw==
x-served-by
cache-sof1510027-SOF
last-modified
Tue, 09 Jan 2024 18:26:19 GMT
server
AmazonS3
x-timer
S1705600544.149075,VS0,VE1
etag
"1cbbea9dbdaff2fee58455b233e2307b"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RNRZFSCG1H&gtm=45je41a0v9125493919&_p=1705600543953&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1155791155.1705600544&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fapp.next.nuorder.com%2F&dp=%2F&dt=NuORDER&sid=1705600544&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6406
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RNRZFSCG1H&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.next.nuorder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 17:55:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.next.nuorder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.2e1a7af3d1edc109498384420a442364dde6b93c.css
fast.appcues.com/generic/main/4.60.65/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.60.65/container.2e1a7af3d1edc109498384420a442364dde6b93c.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.65/appcues.main.2e1a7af3d1edc109498384420a442364dde6b93c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer
https://app.next.nuorder.com/
Origin
https://app.next.nuorder.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 17:55:44 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
ZCHHHGG3P5M699QC
age
775219
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
isXjnKMQNtAsw/L+xOah+fseyqTWs5xGH2U26dVoChEkZ5fdvHBLaRudC2A/nbTObey9rShM/y836nAuy5S6cA==
x-served-by
cache-sof1510027-SOF
last-modified
Tue, 09 Jan 2024 18:26:19 GMT
server
AmazonS3
x-timer
S1705600544.422027,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
28501

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| NUCONFIG function| setupNA object| na boolean| isEdge undefined| isIE undefined| $buoop object| webpackChunkfrontend object| Payments object| regeneratorRuntime object| __SENTRY__ object| nuConfig object| reactCookie function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb function| setImmediate function| clearImmediate object| __packages__ object| __stylesheet__ object| __globalSettings__ number| __currentId__ object| __themeState__ object| Formsy function| P object| core function| nuorderUserSetAttribute function| Payment object| op object| _buorgres object| analytics object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkStripeJSouter function| noop function| Stripe object| wootricDeps function| wootricLoader object| appcuesDeps function| appcuesLoader object| google-analyticsDeps function| google-analyticsLoader object| visual-taggerDeps function| visual-taggerLoader object| webpackJsonp_name_Integration function| wootricIntegration object| wootricSettings function| appcuesIntegration function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| normalize function| visual-taggerIntegration function| Tracktor object| __sentry_instrumentation_handlers__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| $ undefined| jQuery boolean| wootric_property_warning object| wootric_event_queue boolean| wootric_show_logs boolean| wootric_segment_integration boolean| wootric_survey_running object| WootricSurvey function| wootric object| dataLayer

10 Cookies

Domain/Path Name / Value
.nuorder.com/ Name: __nutma
Value: f6ed59bf.0cb1.4f40.9a3b
.nuorder.com/ Name: __nutmc
Value: 8bf3d03b7f91
.nuorder.com/ Name: __nutmb
Value: kpbnelrgjg9g.cmkmc6jd
.nuorder.com/ Name: ajs_anonymous_id
Value: b9d9b692-f227-46f9-b3de-18b3ae0d0471
m.stripe.com/ Name: m
Value: 649e88bc-eb0b-4e8c-bf3a-fa3733c1bb04cd58ff
.nuorder.com/ Name: _ga
Value: GA1.2.1155791155.1705600544
.nuorder.com/ Name: _gid
Value: GA1.2.1191578405.1705600544
.nuorder.com/ Name: _gat
Value: 1
.app.next.nuorder.com/ Name: __stripe_mid
Value: 3dc00896-2bef-4cf8-82d9-81ef2e6ae429894ecf
.app.next.nuorder.com/ Name: __stripe_sid
Value: 559183d3-1c7d-470c-9102-6548c2e88b9b941590

4 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://app.next.nuorder.com/_a_p_i_/me
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://app.next.nuorder.com/_a_p_i_/api/v3.0/smart-orders
Message:
Failed to load resource: the server responded with a status of 401 ()
worker error URL: blob:https://app.next.nuorder.com/58492e5e-43a0-4c11-836a-6a6f1569954f
Message:
na error, swallow

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
app.launchdarkly.com
app.next.nuorder.com
assets.nuorder.com
cdn.segment.com
cdn.wootric.com
clientstream.launchdarkly.com
events.launchdarkly.com
fast.appcues.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
region1.google-analytics.com
sentry.io
www.google-analytics.com
www.googletagmanager.com
13.248.151.210
151.101.64.176
151.101.66.217
2001:4860:4802:34::36
2a00:1450:4001:808::2008
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a04:4e42:200::622
34.107.179.221
34.208.13.71
34.96.110.71
35.155.246.37
35.186.247.156
35.190.40.19
52.205.126.0
54.187.159.182
99.86.8.175
03d23e697993ada23b4fd4d8b3053039b98542fb201764603ac8c77b93677899
04490fc9a924a388e251ea7f6e46d4eabd92f15bc1fa4c9c5a9ab429010c5d4c
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1b6b1cdf808e68e7bb93db0164b06766ab8a3fe4d6235187119c8a3bc261bd86
30c1a23226a5ebe8101c15f9643c201e0686ecee63ca80ed640c66712997d6da
3245a3c749dd1ffc1afd1d8a090275c7a8f8d8722f5d25398ff9d29e47860ba3
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37096b794d33c53a357c367d649c6117bae6545f716318f12417bf68ce18065c
37167e47c7d3e37905651231fbd6070353623e2541d17586112dd6c1613475ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446a15787617b57aee8eb261f42286ff6ee0cbad9f6c2ee948a3fff877506b4f
44b48d8767b303804abccb43c8a22299c8b1a1bd9a711bab0c84fc946f4c0f8d
45e973727df502089a9f068a5cd63c996f33d76b4b428e5d4373bee0494f977d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
737844601453563892af482ed659137e504ab66328486c56be18de0701a36a06
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
84858a368e3402c008bf42c50dbf2519d0a9e170cb7641fffccd0c2ae201e36f
88f5b88a40723f5fbb9b701a79c36509741029c72c51ca5f516d8187dcef6bae
8f154c170fbebc54b2c7cebb328adc226f451da366a6f8a7b3988641eb367dbe
9145240936071e6bbd225c0e79b774fd12a52bc54e56ce392f55bc8f48b01632
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92a2efef1ed85d0ea2e0ceee1bae2f3092f9ffb87850811b255e0e1da08ee3f9
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
aa5695da4c002a07679aa0472afbfa352a2fd479acc127902ec35ae30d048c4c
ab3d910b8df109637ab69abfedd1eec08c8fd862731e9a20842549045e5f0d5c
ab5896c4f28152942b089d685fefcb1ab59c91c345b73a44da1d416119124ab9
ac280dba6facff737f89c4040ba2b6aac07f8d755acee04a59be310733a0de4a
ad4c10960cc62f1108eecb9e9e5a873e3564d3b20a0e278c05a89767c7556555
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b79a9a890316fd4fe4fc0d9690bf696319281d956209a2ce934ff8ecea344c3c
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
d796a8ea1bace7323133b3936f21daf2777da60866a170d03662d7c582bffe37
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48c2094d6d1f04a76fe020f14f5fbfb8a79de60ee524c9a90223a73d0087477
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb