Overview

URL forthenrymotel.com/
IP172.67.136.143
ASNCLOUDFLARENET
Location United States
Report completed2022-10-04 09:34:06 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 forthenrymotel.com/ Malware
2022-10-04 2 forthenrymotel.com/ Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (58)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 54.186.209.73
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.20.226
mnemonic passive DNS www.redditstatic.com (1) 1440 2012-06-30 12:33:28 UTC 2022-10-04 04:30:15 UTC 151.101.85.140
mnemonic passive DNS snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2022-10-04 04:31:36 UTC 23.36.76.121
mnemonic passive DNS analytics.twitter.com (1) 526 2013-04-10 19:53:18 UTC 2022-10-04 04:41:33 UTC 104.244.42.195
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS alb.reddit.com (1) 1521 2017-06-15 05:33:56 UTC 2022-10-04 05:37:11 UTC 151.101.85.140
mnemonic passive DNS www.google.no (2) 25607 2016-04-05 19:50:59 UTC 2022-10-03 09:28:40 UTC 142.250.74.3
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-10-04 04:23:59 UTC 151.101.86.137
mnemonic passive DNS b.clarity.ms (3) 3462 2021-07-27 12:49:08 UTC 2022-10-04 04:03:27 UTC 20.75.32.255
mnemonic passive DNS web1.acsbapp.com (1) 37191 2021-03-10 09:46:33 UTC 2022-10-04 05:06:27 UTC 138.128.247.123
mnemonic passive DNS bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-10-04 04:20:48 UTC 162.247.241.14
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.115
mnemonic passive DNS www.squadhelp.com (17) 185777 2013-06-04 03:30:41 UTC 2022-10-04 04:15:34 UTC 192.124.249.108
mnemonic passive DNS a.quora.com (1) 7568 2017-05-08 19:06:55 UTC 2022-10-04 02:21:18 UTC 162.159.152.17
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-10-04 05:06:06 UTC 74.125.131.155
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.49
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2022-10-04 04:30:54 UTC 13.107.227.53
mnemonic passive DNS ocsp.pki.goog (20) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS static.ads-twitter.com (1) 614 2017-01-30 05:00:15 UTC 2022-10-04 04:41:32 UTC 151.101.84.157
mnemonic passive DNS bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2022-10-04 04:17:36 UTC 13.107.21.200
mnemonic passive DNS c.clarity.ms (2) 803 2021-02-03 23:22:47 UTC 2022-10-04 04:30:54 UTC 20.234.93.27
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-04 03:36:29 UTC 142.250.74.164
mnemonic passive DNS www.linkedin.com (1) 608 2014-04-09 13:16:08 UTC 2022-10-04 04:38:48 UTC 13.107.42.14
mnemonic passive DNS img.squadhelp.com (100) 0 2022-03-04 15:30:18 UTC 2022-10-03 19:16:33 UTC 194.242.11.186 Domain (squadhelp.com) ranked at: 93934
mnemonic passive DNS t.co (1) 569 2012-07-25 19:09:44 UTC 2022-10-04 04:43:29 UTC 104.244.42.5
mnemonic passive DNS js.intercomcdn.com (3) 2440 2020-07-20 12:22:33 UTC 2022-10-04 04:24:03 UTC 143.204.55.44
mnemonic passive DNS script.fixel.ai (3) 59005 2020-07-30 18:49:01 UTC 2022-10-03 21:54:24 UTC 54.230.111.29
mnemonic passive DNS c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2022-10-04 04:17:05 UTC 13.107.21.200
mnemonic passive DNS q.quora.com (1) 3239 2017-05-08 19:06:57 UTC 2022-10-04 05:06:26 UTC 54.243.187.224
mnemonic passive DNS www.facebook.com (2) 99 2017-01-30 05:00:00 UTC 2022-10-03 04:55:56 UTC 31.13.72.36
mnemonic passive DNS widget.intercom.io (1) 2417 2020-09-15 16:45:37 UTC 2022-10-04 04:24:03 UTC 54.230.111.53
mnemonic passive DNS forthenrymotel.com (2) 0 2014-11-29 03:19:45 UTC 2022-10-03 22:51:58 UTC 104.21.89.29 Unknown ranking
mnemonic passive DNS api.fixelapp.com (1) 70153 2019-11-17 15:21:01 UTC 2022-10-03 19:16:37 UTC 34.226.81.212
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS trc.taboola.com (1) 602 2013-07-11 10:17:31 UTC 2022-10-04 04:32:55 UTC 151.101.85.44
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-10-04 09:22:31 UTC 142.250.74.10
mnemonic passive DNS acsbapp.com (1) 5220 2020-08-14 05:49:08 UTC 2022-10-04 05:06:25 UTC 138.128.247.123
mnemonic passive DNS status.thawte.com (2) 5123 2017-11-27 12:33:51 UTC 2022-10-04 04:53:20 UTC 93.184.220.29
mnemonic passive DNS tags.srv.stackadapt.com (3) 3857 2017-12-30 12:16:27 UTC 2022-10-03 23:33:27 UTC 54.175.93.244
mnemonic passive DNS amplify.outbrain.com (1) 2255 2017-04-12 07:58:35 UTC 2022-10-04 05:06:26 UTC 23.38.201.81
mnemonic passive DNS px.ads.linkedin.com (2) 522 2017-08-08 16:28:50 UTC 2022-10-04 04:31:36 UTC 13.107.42.14
mnemonic passive DNS cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2022-10-04 04:19:28 UTC 151.101.85.229
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-04 03:44:22 UTC 142.250.74.170
mnemonic passive DNS connect.facebook.net (3) 139 2012-05-22 02:51:28 UTC 2022-10-03 07:45:02 UTC 31.13.72.12
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-03 09:10:55 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS tr.outbrain.com (2) 2017 2017-04-12 07:58:35 UTC 2022-10-04 04:27:49 UTC 70.42.32.31
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS uy28jh5ee6-dsn.algolia.net (1) 0 2018-04-18 01:36:07 UTC 2022-09-25 20:25:47 UTC 64.7.218.233 Domain (algolia.net) ranked at: 295619
mnemonic passive DNS cdn.acsbapp.com (2) 5589 2020-08-16 06:12:24 UTC 2022-10-04 05:06:26 UTC 104.238.215.8
mnemonic passive DNS cdn.taboola.com (1) 1040 2013-07-19 23:48:03 UTC 2022-10-03 13:41:53 UTC 151.101.85.44
mnemonic passive DNS trc-events.taboola.com (1) 1779 2020-06-09 13:52:57 UTC 2022-10-04 04:27:48 UTC 141.226.228.48
mnemonic passive DNS forthenrymotel.com (2) 0 2014-11-29 03:19:45 UTC 2022-10-03 22:51:58 UTC 172.67.136.143 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (11) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.76.226
mnemonic passive DNS fonts.gstatic.com (5) 0 2014-08-29 13:43:22 UTC 2022-10-04 08:34:20 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-10-04 05:10:46 UTC 142.250.74.174
mnemonic passive DNS googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-10-04 02:32:55 UTC 142.250.74.98


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 172.67.136.143

Date UQ / IDS / BL URL IP
2022-10-24 01:22:05 +0000
0 - 0 - 2 a9.chromevids.ru/ 172.67.136.143
2022-10-04 09:34:06 +0000
0 - 0 - 2 forthenrymotel.com/ 172.67.136.143

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-28 20:47:57 +0000
0 - 0 - 2 mailsuccessone.com/ot2/gezdgnzrgy3dinq=/open 172.67.128.128
2022-11-28 20:46:43 +0000
0 - 0 - 2 autumn-block-50de.caitlyn70.workers.dev/ 172.67.176.50
2022-11-28 20:45:30 +0000
0 - 0 - 2 qjn.mygoldensurvey.top/ 172.67.139.98
2022-11-28 20:42:06 +0000
0 - 0 - 1 www.raskinsjewelers.com/ 23.227.38.65
2022-11-28 20:35:58 +0000
0 - 0 - 1 m.td0w0j2.cn/ 104.21.54.92

Last 1 reports on domain: forthenrymotel.com

Date UQ / IDS / BL URL IP
2022-10-04 09:34:06 +0000
0 - 0 - 2 forthenrymotel.com/ 172.67.136.143

No other reports with similar screenshot



JavaScript

Executed Scripts (61)


Executed Evals (1)

#1 JavaScript::Eval (size: 1005, repeated: 1) - SHA256: e03f831424f162973d82cab5aed483dc1d7672263af2ed18fc1eec8451a0c4ed

                                        n = 'n@8'.charAt(2) + 'Jf'.slice(1, 2) + "c" + '2' + '' +
    "f" + '' + '' + 'YrQd'.substr(3, 1) + "asec".substr(0, 1) + String.fromCharCode(52) + "" + "f" + String.fromCharCode(100) + '2' + "" + "1sec".substr(0, 1) + "esu".slice(0, 1) + "c" + '6' + '' +
    "7".slice(0, 1) + '0' + "c" + '' +
    'tR0'.charAt(2) + "c".slice(0, 1) + "" + "d" + '' + 'dQ1'.charAt(2) + "a".slice(0, 1) + "f" + 'b' + '' + '' + "3su".slice(0, 1) + 'w<8'.charAt(2) + "" + 'eS0'.charAt(2) + "5sec".substr(0, 1) + '' + '' + 'KzP8'.substr(3, 1) + 'JaH6'.substr(3, 1) + "" + String.fromCharCode(50) + '' + '';
document.cookie = 'ssu'.charAt(0) + 'usucuri'.charAt(0) + 'c' + 'sucuu'.charAt(4) + 'rs'.charAt(0) + 'i' + '' + '_' + '' + 'suc'.charAt(2) + 'sul'.charAt(2) + 'osuc'.charAt(0) + 'us'.charAt(0) + 'd'.charAt(0) + 'p' + 'rsuc'.charAt(0) + 'o' + '' + 'x' + '' + 'y' + '_' + 'usucuri'.charAt(0) + 'usucu'.charAt(0) + 'sucui'.charAt(4) + 'd' + '' + '_' + 'c' + 'e' + 'su1'.charAt(2) + '7'.charAt(0) + '2'.charAt(0) + 'b' + 'dsu'.charAt(0) + 'sub'.charAt(2) + '7'.charAt(0) + "=" + n + ';path=/;max-age=86400';
location.reload();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 15, repeated: 1) - SHA256: c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

                                        < !DOCTYPE html >
                                    


HTTP Transactions (245)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: forthenrymotel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.136.143
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 09:33:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 10:33:54 GMT
Location: https://forthenrymotel.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDhMIL%2Bp8mTCA%2BrPRqMesbxCAe36rdZ6Ex6jMKYGihoUF2%2FdKHbUnQP7pG8k8Tq0V%2FI%2BICeDaWgfw4rVxrEGGql3Ly2GP7xNPdFcWdE9rn4Ll23SSi3NYHFHUzHYMvPQDYxnj34%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754ceb314f5fb524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CXRVF8KYr4PH5sv3HEkHVS2lPhusfkf7KGIP-PoCFcG8PTY3xQ8Cnw==
Age: 2810


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8807
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 09:33:55 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VCHXyzbDwdnYN4BVnJGwUPhVC862jneIog6EZ7en3J0Zep5sE-0mCw==
age: 14728
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST /s/gts1p5/aV6dfKLoK5s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:55 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /s/gts1p5/aV6dfKLoK5s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 10:27:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mviBFQqLJSIJthipIiHWCvVBR75Z7xcarzQZRkg-ws78MyE0N_GUfg==
Age: 262


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3176
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:55 GMT
Last-Modified: Tue, 04 Oct 2022 08:40:59 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6306
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:55 GMT
Last-Modified: Tue, 04 Oct 2022 07:48:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3ZDrhJ3Ked/JUrvCC6UOBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.186.209.73
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vRa4vgTOdRE4K0q/9qwZad9U1Gs=

                                        
                                            GET /name/forthenrymotel?lp=d HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:56 GMT
content-length: 1
x-sucuri-id: 19008
set-cookie: PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; expires=Wed, 05-Oct-2022 09:33:56 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
location: /premium-domains-for-sale/all
proxy-cache: MISS
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    68b329da9893e34099c7d8ad5cb9c940
Sha1:   adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
Sha256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15881
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:33:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15881
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:33:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42577
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42577
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 42564
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 17466
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:32:19 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
age: 36098
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9855
Md5:    7b7345414898d451d930431b46d4bd00
Sha1:   a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
Sha256: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 39080
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11101
Md5:    ae824db4a95391149198a4b6b8556c70
Sha1:   db07d58d8feff4ea01866d095e5264ee5c8e1ca3
Sha256: 19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
                                        
                                            GET /assets/fonts/Gotham-ssm-b-400.woff HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/premium-domains-for-sale/all
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:58 GMT
content-length: 8392
x-sucuri-id: 19008
last-modified: Thu, 28 Jul 2016 15:16:47 GMT
etag: "20c8-538b39f54f5c0"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 8392, version 1.0\012- data
Size:   8392
Md5:    2395ec69c3cc758ca176d118b7d8646e
Sha1:   85392066724103bef50533207805d0b624f90912
Sha256: 020cfd7b857c6632683a37e80e72916f81643cf8ec286cf7cef72764606b8881
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/instantsearch.css@7.1.0/themes/algolia.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 7.1.0
x-jsd-version-type: version
etag: W/"4376-Gp6be5ZOsSJN7drfNguY55GJx2k"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:33:58 GMT
age: 3041909
x-served-by: cache-fra19170-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3093
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  CSV text\012- , ASCII text
Size:   3093
Md5:    441e570ea3d4277c7ac4e8dd35699da3
Sha1:   d20758e7023e137acd1cfdd249e8be3c3d08ec22
Sha256: 0ee1228501d6fb93c6ca528d502223112aae8f70b13fbe15e623a45a1303501e
                                        
                                            GET /resources/assets/imgs/new_ui/logo_white.svg HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/premium-domains-for-sale/all
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:58 GMT
content-length: 4659
x-sucuri-id: 19008
last-modified: Thu, 08 Jul 2021 15:44:16 GMT
etag: "60e71d50-1233"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (764), with CRLF line terminators
Size:   4659
Md5:    60c5ec80ae536eb5eb0b40bce177ddd2
Sha1:   a2d5691a854c1bc34fcadd5afeba47ef745d17a4
Sha256: 71d36fa5cec6f8eef2b2fef59c803af8f09cbd3d0d30388740197615f77440d7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 09:42:03 GMT
expires: Tue, 03 Oct 2023 09:42:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 85915
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31017
Md5:    7808e0e4b7a714230373852158500533
Sha1:   4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
Sha256: 8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
                                        
                                            GET /npm/search-insights@1.6.3 HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.6.3
x-jsd-version-type: version
etag: W/"29f5-epVuMwoQc7mmtrXEmCW42U/Ue7s"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:33:58 GMT
age: 2311458
x-served-by: cache-fra19183-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3006
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10740)
Size:   3006
Md5:    56d50e5620f53fa43fd70ab36062f2ee
Sha1:   aa25d03868886ffdf570c522761e41eef99378fa
Sha256: a514c3f8cac0a9c66a8dc273bc08e7afcf1192c8691d80576645bd3a70b5ab56
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B8E59B3271BFE6C2A95A2606597D4B761EB9266F"
Expires: Tue, 04 Oct 2022 20:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2279
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754ceb476dae1bfa-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    6b964f793822e58668eeb51c6e590772
Sha1:   c33a0596e8118c45baa45a838378c7b07ad7ea44
Sha256: 0eb5e78443c90742cf30521f5eea6d02fcc0aeb5daa7630b1b53769020d39c14
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3818CB7B42F5BDC73845A1CBA2EFFFE08ABBE94D5242C17CABCB8D4CE2020ED0"
Last-Modified: Mon, 03 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15680
Expires: Tue, 04 Oct 2022 13:55:18 GMT
Date: Tue, 04 Oct 2022 09:33:58 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3818CB7B42F5BDC73845A1CBA2EFFFE08ABBE94D5242C17CABCB8D4CE2020ED0"
Last-Modified: Mon, 03 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15680
Expires: Tue, 04 Oct 2022 13:55:18 GMT
Date: Tue, 04 Oct 2022 09:33:58 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /var/da3d926911e545d06a6e48420151a328.js HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/premium-domains-for-sale/all
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:58 GMT
x-sucuri-id: 19008
last-modified: Thu, 29 Sep 2022 11:11:22 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"63357d5a-87c76"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
x-sucuri-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   153938
Md5:    b1c6a130bce692eb3c65e4a166cdf254
Sha1:   b8d9a48cbd977a419f29e185b27dd72d528783b1
Sha256: 96cece0475e362de2600cbfd70b2c2015e68ce6290c0046aa1f028765fb47b8c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Mulish:wght@300;400;500;600;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 09:33:58 GMT
date: Tue, 04 Oct 2022 09:33:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1081
Md5:    f5d30b91f3870a9e30a1830d125553fe
Sha1:   fa683b2a5156150603e10fff1bcaa7d30967acf6
Sha256: 97301ca150127c38a2d38e5a6fea2aa1280dd264b44e284d12dafa40c962182e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:13:12 GMT
expires: Tue, 03 Oct 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 44446
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size:   46524
Md5:    c1fd378f54921c75e4ae1821e7b8fff6
Sha1:   2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
Sha256: 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
                                        
                                            GET /qevents.js HTTP/1.1 
Host: a.quora.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.159.152.17
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 09:33:58 GMT
x-amz-id-2: jHbk68zF0oCrN99I6TpiQ8LNg0dDTKL0BkbZQKZkL1zB85BMiiIcpjSQWNebJHGDeWUqTCN88Lg=
x-amz-request-id: 4K18RXATE8CH2H8E
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
cache-control: public, max-age=14400
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
cf-cache-status: HIT
age: 5289068
expires: Tue, 04 Oct 2022 13:33:58 GMT
set-cookie: __cf_bm=6x1K4JyB0gHdYHItAvNCXByYCWKSVLKu8Qdsi3nyE7A-1664876038-0-AXbrVpe+ireuoZ3ZKdBtnn5yGK2tGcdr1bDu5uvtWr/bX+Nrb+4om3yhqIA8j31AXWhyAJAdOAVIFJbnWlDnhHM=; path=/; expires=Tue, 04-Oct-22 10:03:58 GMT; domain=.quora.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ceb479a58b4f9-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   41542
Md5:    3f39141ac20ec067833114d46be1e029
Sha1:   5d97b40f88720aa4e6f55b6ebde1918e59fa5821
Sha256: 396f7f32b5bdf248fb7511a66e062578957b65356ee0c7a78a05332e3620b6e3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "15676AE928874247B119E80C3122B551365AB3AA27C441B404D97EC5885B59B3"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9282
Expires: Tue, 04 Oct 2022 12:08:40 GMT
Date: Tue, 04 Oct 2022 09:33:58 GMT
Connection: keep-alive

                                        
                                            GET /var/4cabd39bc0d37df2f920eaa290a901ec.css HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/premium-domains-for-sale/all
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:58 GMT
x-sucuri-id: 19008
last-modified: Fri, 29 Apr 2022 13:51:37 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"626bed69-42613"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
x-sucuri-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   121905
Md5:    e7dfcc5c90a67cd64e8cb214089bd4b6
Sha1:   30e9fe08c1f013b8f5f7fd91a7a26479b811b8cb
Sha256: 75e15c9b67dcf425a8ca6a8ccdd3baadf30b9ed6d7b772b0a49138e0fb64441a
                                        
                                            GET /ads/pixel.js HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:33:58 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25224)
Size:   7722
Md5:    95212d33cfff78ad59f5af5b20c48c53
Sha1:   9b99a4091a6eb716bc68f1428e3c86eca068b25b
Sha256: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
                                        
                                            GET /assets/firstfolds/ks_v3.json HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.squadhelp.com/premium-domains-for-sale/all
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:58 GMT
content-length: 100325
x-sucuri-id: 19008
last-modified: Mon, 01 Mar 2021 17:58:52 GMT
etag: "603d2b5c-187e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   100325
Md5:    fdb1f60fe181f095a8b20ad6abcfe6b9
Sha1:   d42a7f29df9d783085490c71d44e197a01e3b9be
Sha256: 0f6440a4794be45addd0b7ec87d75e9f08f3ddc9ae0799d75a06d65d4b1e071c
                                        
                                            GET /_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?j=1&u=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tag=ViewContent&ts=1664876038104 HTTP/1.1 
Host: q.quora.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: __cf_bm=6x1K4JyB0gHdYHItAvNCXByYCWKSVLKu8Qdsi3nyE7A-1664876038-0-AXbrVpe+ireuoZ3ZKdBtnn5yGK2tGcdr1bDu5uvtWr/bX+Nrb+4om3yhqIA8j31AXWhyAJAdOAVIFJbnWlDnhHM=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.243.187.224
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 04 Oct 2022 09:33:58 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,66a09becdf5c340eeb79466cc9957659,10.0.0.108,40416,91.90.42.154,,66090775901,1,1664876038.898,0.001,,.,0,0,0.000,0.004,-,0,0,197,186,93,10,35796,,,,,,-,
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3653
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:58 GMT
Last-Modified: Tue, 04 Oct 2022 08:33:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /s/raleway/v11/xkvoNo9fC8O2RDydKj12bwzyDMXhdD8sAj6OAJTFsBI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 20:25:46 GMT
expires: Mon, 02 Oct 2023 20:25:46 GMT
cache-control: public, max-age=31536000
age: 133692
last-modified: Thu, 19 May 2016 23:55:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13048, version 3.0\012- data
Size:   13048
Md5:    066e70518f339d2fe48636bfedd310f5
Sha1:   91fffc0d014ac70de656409ce9f18462200bee75
Sha256: 07e7a1633d7931b53034ad675b2842100395e91567048d01ed69b08f141c65dd
                                        
                                            GET /s/raleway/v11/QAUlVt1jXOgQavlW5wEfxQLUuEpTyoUstqEm5AMlJo4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 03:35:43 GMT
expires: Tue, 03 Oct 2023 03:35:43 GMT
cache-control: public, max-age=31536000
age: 107895
last-modified: Thu, 19 May 2016 23:55:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13128, version 3.0\012- data
Size:   13128
Md5:    3988f246b25c2e742db82b6d180ab206
Sha1:   9f64466de180808968b87d53ed14a57dc9906cc2
Sha256: f37df5fd112825a2d0b8292145bf094083d903e6017d4b60703bad746ecba614
                                        
                                            GET /s/raleway/v11/JbtMzqLaYbbbCL9X6EvaIwzyDMXhdD8sAj6OAJTFsBI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 11:43:00 GMT
expires: Sun, 01 Oct 2023 11:43:00 GMT
cache-control: public, max-age=31536000
age: 251458
last-modified: Thu, 19 May 2016 23:55:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12884, version 3.0\012- data
Size:   12884
Md5:    d00087111d82edcdf30ce850adbc5b01
Sha1:   2a3f5c19d4227ac87a1d4637860e04bdc39c2ec1
Sha256: be6ac71718502ce056d204f64462255db2cdf35cc9ac24b025fd8dde3afaff65
                                        
                                            GET /s/raleway/v11/CcKI4k9un7TZVWzRVT-T8wzyDMXhdD8sAj6OAJTFsBI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 12:52:06 GMT
expires: Wed, 27 Sep 2023 12:52:06 GMT
cache-control: public, max-age=31536000
age: 592913
last-modified: Thu, 19 May 2016 23:54:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13440, version 3.0\012- data
Size:   13440
Md5:    7050da7d01717994533ec7d8133b5ea5
Sha1:   0e53ae643f7babfa145f9b0b98b350a9e485fbcd
Sha256: a818021f08b5e887916c2f865ba477c7a83fd7f8cf719f5a9cda9669c8e7ccfd
                                        
                                            GET /assets/fonts/Gotham-ssm-a-400.woff HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 18056
x-sucuri-id: 19008
last-modified: Thu, 28 Jul 2016 15:16:47 GMT
etag: "4688-538b39f54f5c0"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18056, version 1.0\012- data
Size:   18056
Md5:    7a22d393ea944c3bf2242adf5271845c
Sha1:   569dec2ad1e3f3666fc2d8e5ae32c9c8fef07d4f
Sha256: 1cea79e237e5f7d27ad9446dfec2d4b1208ef4403abf4ff3d7b14d2a00267e30
                                        
                                            GET /assets/fonts/Gotham-ssm-a-500.woff HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 18197
x-sucuri-id: 19008
last-modified: Thu, 28 Jul 2016 15:16:48 GMT
etag: "4715-538b39f643800"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18197, version 1.0\012- data
Size:   18197
Md5:    0f9cb94e2d194b824aef186ed06da475
Sha1:   68906369fcc7fdb7ca6e064f5384b3de25592e15
Sha256: 0df1006faf3441fa4c7cb7c55d841243d32e3da7567bd6928748ea28aa37af3b
                                        
                                            GET /assets/fonts/Gotham-ssm-a.woff HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 17673
x-sucuri-id: 19008
last-modified: Thu, 28 Jul 2016 15:16:47 GMT
etag: "4509-538b39f54f5c0"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 17673, version 1.0\012- data
Size:   17673
Md5:    55c84afd0774bf96e09efdc3b564b3e1
Sha1:   9cdfdc4cb6c6710d0e7ed4a0696ab5d84abdee16
Sha256: fc716241fee54475f492ca413571bcea684d7cca6fad41f4bfab5d7010c0ae53
                                        
                                            GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 18028
x-sucuri-id: 19008
last-modified: Mon, 25 Jul 2016 21:53:12 GMT
etag: "57968a48-466c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size:   18028
Md5:    448c34a56d699c29117adc64c43affeb
Sha1:   ca35b697d99cae4d1b60f2d60fcd37771987eb07
Sha256: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.6.2 HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 64464
x-sucuri-id: 19008
last-modified: Mon, 25 Jul 2016 21:53:11 GMT
etag: "57968a47-fbd0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size:   64464
Md5:    4b5a84aaf1c9485e060c503a0ff8cadb
Sha1:   574ea2698c03ae9477db2ea3baf460ee32f1a7ea
Sha256: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
                                        
                                            GET /assets/fonts/Gotham-ssm-b-500.woff HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 8553
x-sucuri-id: 19008
last-modified: Thu, 28 Jul 2016 15:16:47 GMT
etag: "2169-538b39f54f5c0"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 8553, version 1.0\012- data
Size:   8553
Md5:    3656d14c45a9205772c168acc7dc2f13
Sha1:   8e02a43036c671a9dff86029f4eca9c102c634f1
Sha256: bd0c706004089bcf8a8292959895766ea049d48f90590443ae92a7c579c78cea
                                        
                                            GET /assets/fonts/Gotham-ssm-b.woff HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/4cabd39bc0d37df2f920eaa290a901ec.css
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 8257
x-sucuri-id: 19008
last-modified: Thu, 28 Jul 2016 15:16:47 GMT
etag: "2041-538b39f54f5c0"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 8257, version 1.0\012- data
Size:   8257
Md5:    eb60e7d07d8bb85c500717d01ea56b99
Sha1:   6a8a101fe8e596c6a9d4edf4712e986eca6117b0
Sha256: 8232a6858fef85cdd0dd37f65b414d4d88a70d8cc54215ffcb3de0b9c8c055f9
                                        
                                            GET /apps/app/dist/js/app.js HTTP/1.1 
Host: acsbapp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.128.247.123
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=432000 public
expires: Wed, 05 Oct 2022 09:33:59 GMT
last-modified: Mon, 03 Oct 2022 17:07:56 GMT
etag: "6a902-633b16ec-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142239
date: Tue, 04 Oct 2022 09:33:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (60518), with no line terminators
Size:   142239
Md5:    8579c660450ac13ef51bfa3c890ec5b9
Sha1:   c21fec47b7dbef9a2fb5c71a7f50a5bf7414346d
Sha256: 521986774545a9cff44fbf22da9759c98aeac69cc70f0723566cea73caceaad1
                                        
                                            POST /g/collect?v=2&tid=G-VJ36JWQDE1&gtm=2oe9s0&_p=724027004&cid=422561582.1664876039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664876038&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&dt=Hand-Picked%20Brandable%20Domains%20%7C%20Squadhelp&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.squadhelp.com
date: Tue, 04 Oct 2022 09:33:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/premium-domains-for-sale/all
Cookie: sucuri_cloudproxy_uuid_ce172bdb7=8fc2fda4fd21ec670c0cd1afb3805862; PHPSESSID=2a6o8d63cpmi3khma0f8utluk2; ahash=9866ae0545b6e77b; _gcl_au=1.1.1958697000.1664876038; user_navigation_history=/premium-domains-for-sale/all; lpg=/premium-domains-for-sale/all; _ALGOLIA=anonymous-572cb010-5c9b-42a1-9541-1d9890b7f4d4; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.1.422561582.1664876039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.124.249.108
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 1005
x-sucuri-id: 19008
last-modified: Thu, 13 Aug 2015 11:52:45 GMT
etag: "55cc850d-3ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   1005
Md5:    1504f785a65bf56ab21f3fe867a96f0e
Sha1:   4facb4c315e00d52ae2a5862936dd5795678ee05
Sha256: 38565e8e330d53df0489d117e37d016cb9abe5b811d48c2049810a605f55b447
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5734
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:59 GMT
Last-Modified: Tue, 04 Oct 2022 07:58:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.5.1)%3B%20Browser%20(lite)%3B%20instantsearch.js%20(4.11.0)%3B%20JS%20Helper%20(3.3.4)&x-algolia-api-key=31e09963295196353ee61fd2c7e60507&x-algolia-application-id=UY28JH5EE6 HTTP/1.1 
Host: uy28jh5ee6-dsn.algolia.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 887
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.7.218.233
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:33:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Alg-PT: 76
Accept-Encoding: deflate, gzip
Cache-Control: no-store
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline; filename=a.txt
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   70070
Md5:    0b413b2ca3b13e7d715a7c69c2412531
Sha1:   cd445968286c309ccd9ff02af4c9c1f0259c97c1
Sha256: e453b7ea93b1303d20a044e69f9713c38c8203421529fcba9a16369e68e7c594
                                        
                                            GET /cp/obtp.js HTTP/1.1 
Host: amplify.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.81
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 04 Oct 2022 09:53:59 GMT
Date: Tue, 04 Oct 2022 09:33:59 GMT
Content-Length: 3249
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8072), with no line terminators
Size:   3249
Md5:    9b19340ef7db3cbb26aa923adb8dbe6e
Sha1:   082e699bca6e80ca6c72a43f2894f4a32e785e26
Sha256: c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.121
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=70623
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7751)
Size:   3063
Md5:    57efbbeb3e1d23c82b677511c67c8b0e
Sha1:   f927ba115ef4be362694c22850ddbdd1c1b054d1
Sha256: 873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5734
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:59 GMT
Last-Modified: Tue, 04 Oct 2022 07:58:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 08:41:09 GMT
expires: Tue, 04 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 3170
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5734
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:59 GMT
Last-Modified: Tue, 04 Oct 2022 07:58:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 54d6f3a13f5fcca3dd3ba285520a01b6
etag: "9cbb3a0abf63d6007d621cc4b7ced04d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 04 Oct 2022 09:44:49 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: laKnYPKMpz4WhwIwnvY93w==
x-fb-debug: v2dLqKwPWyCToWPKLCn6EdznRK2+C52RJ/GWg404VOpW6F9/sUHqibz69OJOEk9piAzL/zFfq2umXpHpPBa5sQ==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 09:33:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1686
Md5:    95a2a760f28ca73e168702309ef63ddf
Sha1:   34d10bf92431596756215a2676e6ac80a30d900f
Sha256: 42c6dc7b72bb83b9fb2dc1ca1b6adcff79a5fc8c2ddcb6e04f9bfcc8548903f8
                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:33:59 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57443), with no line terminators
Size:   15317
Md5:    1e9c4d503a9e162d8b549dc3d9c040e2
Sha1:   1fa99d7d7e878cdd45567af4b0c3c65542036c1d
Sha256: f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11376
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=340DEE45F78C695C25CBFC76F6796893; domain=.bing.com; expires=Sun, 29-Oct-2023 09:33:59 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 037BA5F399834D3AB2C2D93907746DBD Ref B: OSL30EDGE0110 Ref C: 2022-10-04T09:33:59Z
date: Tue, 04 Oct 2022 09:33:59 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11376
Md5:    2fe1e0c50cbb86b0c379ed78416df9c5
Sha1:   3e2c958bf438bc1486502253d613527fde7fdb25
Sha256: 57ab58b1840406037c30d4031235b6a715ee6f96f2574ab1eb93c5f4d6894bcd
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: MCeShJiyk5IGsflah8W4K9m03iZTJrmVjcaqNhLkD65F5dIBDDAbCdyWxggAxcgN4fgzo9IEGCgp/1gKGiNmDg==
content-length: 26840
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 09:33:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            GET /cache/app/squadhelp.com/config.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.238.215.8
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Wed, 05 Oct 2022 09:33:59 GMT
last-modified: Tue, 04 Oct 2022 09:33:14 GMT
etag: "9f-633bfdda-d7c10aef246e9f1e;;;"
accept-ranges: bytes
content-length: 159
date: Tue, 04 Oct 2022 09:33:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   159
Md5:    ab3176be9a079605de88d261d2be57d0
Sha1:   0d6cd50852be99cbd563df75ffb5ac44fa1a3b12
Sha256: fb49bb70a6a67c44cf06f427fd09b66051f68d0c0f6cdc961f3f3b6ff53ba131
                                        
                                            GET /libtrc/unip/1344021/tfa.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: 4mjXhf6XaQlSLD5svW7UsKfwfDuIGVR/+MDhw1hFJsID4xJKfX6DUk3qNr823OQBbJUo19bbSc0=
x-amz-request-id: NPJR7JZC9QY48TRX
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 11:42:16 GMT
etag: "4005fa421afaa4ac9b02b0f79398607f"
x-amz-version-id: lSBvmt5F8PQpkKqvsVEbyDWbg5cxG_gH
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:33:59 GMT
via: 1.1 varnish
age: 116
x-served-by: cache-bma1674-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664876040.823808,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 50
content-length: 17942
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58479)
Size:   17942
Md5:    27cc6166280d98e8909150d8bdc8a556
Sha1:   0f3f9791debf49cdef6cba3507cba757541fb7f3
Sha256: f49e014f755b687e0e5f9e49f926e99c2ce02d9eca4ad8feae92a724a4068c97
                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 Oct 2022 09:33:59 GMT
expires: Tue, 04 Oct 2022 09:33:59 GMT
cache-control: private, max-age=3600
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15187
Md5:    8766c5a801f08afceca9b66ff9097e6a
Sha1:   ce7640d1d166eddeb9d40be642ec34652f790713
Sha256: f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
                                        
                                            GET /en_US/all.js?hash=40918bebc71bd7d0b02946637c0b16ea HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6aa019c3b094155b90c1215fab25d9fd
etag: "0e2aeca85f0bb72253fdb62fb7adbab8"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 04 Oct 2023 08:36:48 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: dkuif4r+AWDDCGZzi7jyjA==
x-fb-debug: n0U0S2rZwx3XnD6Gp6R+Vzu7hfiNabPLMBYoMeC9TtJWP2iX5iJiX1E0VI6dYUYBucTS2iHst9fWHtBHQ08vag==
priority: u=3,i
content-length: 88252
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 09:33:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18605)
Size:   88252
Md5:    764ba27f8afe0160c30866738bb8f28c
Sha1:   f19dac8870ff2e725bbc337856e5e68b1eb9287f
Sha256: 8ad6c4296fdf25e7949267e5d748407475b8d9dffb4f1bdc6b73211b3a12b467
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5734
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:59 GMT
Last-Modified: Tue, 04 Oct 2022 07:58:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtm/js?id=GTM-PZ8ZGQF&cid=422561582.1664876039 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 09:33:59 GMT
expires: Tue, 04 Oct 2022 09:33:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   41726
Md5:    012d0796dd37a37c39754fffa5deb5f6
Sha1:   0df4af7f8188969277e85ecb4f785f490a63f25b
Sha256: 795baa722a2888654899240fb65d64cbf61214d987af92ff94ab978f8c672564
                                        
                                            GET /rp.gif?ts=1664876038443&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=0248174f-3997-48d4-bde8-6a9ad0a6e8a6&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1 
Host: alb.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: image/gif
                                        
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:33:59 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4692
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:59 GMT
Last-Modified: Tue, 04 Oct 2022 08:15:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:33:59 GMT
Last-Modified: Tue, 04 Oct 2022 08:56:57 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pf4BcPo-itwrWR9W4j1hihfVFRWKt7FAJci51Ub12BpPifwGDdrp3w==
Age: 2222

                                        
                                            GET /collect?v=2&fmt=js&pid=34987&time=1664876039340&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1664876039340%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fpremium-domains-for-sale%252Fall%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJ1Go8271OqvwAAAYOiWE8vS8X66vFsTDhbCqB04ACR1pTxfOFeilL2Vt2nEDcI8DoujvRXaycEEg; Max-Age=2592000; Expires=Thu, 03 Nov 2022 09:33:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure AnalyticsSyncHistory=AQJWSI9HBPhtrwAAAYOiWE8vfuNFejJ78ES9ohMxCOYisT2A_f54FOieSNOTnZC_Ni65I0fBAsP93qnMqscOew; Max-Age=2592000; Expires=Thu, 03 Nov 2022 09:33:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&55c91478-aa4e-4454-813a-78af48704061"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Oct-2023 09:33:59 GMT; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2401:u=1:x=1:i=1664876039:t=1664962439:v=2:sig=AQHBXQ1hNWHR8fFHl76jG44B7YL1Hd6P"; Expires=Wed, 05 Oct 2022 09:33:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqMij1LHVhAC8gwY75yQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8425A4F11C1A4957B8B8C4CAEA551533 Ref B: OSL30EDGE0406 Ref C: 2022-10-04T09:33:59Z
date: Tue, 04 Oct 2022 09:33:59 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4135
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:34:00 GMT
Last-Modified: Tue, 04 Oct 2022 08:25:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=6c0c973b-79f9-4c6f-a51f-b465f84e6a42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5bcf7850-4bd8-44e7-8515-b26606f359ac&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27 HTTP/1.1 
Host: t.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.244.42.5
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:33:59 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=6c8d173e-2603-4325-a44c-e1f2eac45cec; Max-Age=63072000; Expires=Thu, 03 Oct 2024 09:34:00 GMT; Path=/; Domain=t.co; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 25c51e8d21a03988
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 4a110fdf49f75f1bf78a4782b187973f385a88e79172795036034113a55a064a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 230
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:34:00 GMT
Last-Modified: Tue, 04 Oct 2022 09:30:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /events.js HTTP/1.1 
Host: tags.srv.stackadapt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.175.93.244
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 09:34:00 GMT
Set-Cookie: sa-user-id=s%3A0-d7797c34-290e-4e90-617a-245a62dba977.trwj68MH1UhMPbOWpZDb5isf%2FPRwFBJIIDLLs5UcLEI; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A13l8NCkOTpBheiRaYtupd1taKpo.yO19M9VoKxg60zXqoDGCIhuqDbaA6P65HQiiO6iKKT8; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5404
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (16677)
Size:   5404
Md5:    c4aed5b0639bb5204815e0039e74a205
Sha1:   792af4f7fb42cd95de669c81f0704003006d5d28
Sha256: 40fa13b05fe44a52b94d609ad04ab69e8c2424e0134dfbc73597a3d22b9ee6c6
                                        
                                            GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=029ad407-e3b3-467c-a5d1-cbc88b955a64&sid=acc7e49043c711ed85e19b8fc2506c6e&vid=acc7cee043c711ed94281bfebd993f5c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Hand-Picked%20Brandable%20Domains%20%7C%20Squadhelp&p=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&r=&lt=2998&evt=pageLoad&sv=1&rn=960666 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1700F52333B36BDF3B44E71032466AD4; domain=.bing.com; expires=Sun, 29-Oct-2023 09:34:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F584C4BF0414765862FBB858B0AE80A Ref B: OSL30EDGE0110 Ref C: 2022-10-04T09:34:00Z
date: Tue, 04 Oct 2022 09:34:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1504
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:34:00 GMT
Last-Modified: Tue, 04 Oct 2022 09:08:56 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /pagead/viewthroughconversion/1030947153/?random=1664876039522&cv=9&fst=1664876039522&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tiba=Hand-Picked%20Brandable%20Domains%20%7C%20Squadhelp&auid=1958697000.1664876038&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1069
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 09:49:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2360), with no line terminators
Size:   1069
Md5:    a54f6f394372f697493e3af23a23ba65
Sha1:   51d585607a60e1bcc83f993b75cd42b157f0001f
Sha256: 5309d6625071c02b44d77ffdcc9d8c96f58cf7b43b0649d9c324a2aa1c253d12
                                        
                                            GET /pagead/viewthroughconversion/1030947153/?random=1664876039512&cv=9&fst=1664876039512&num=1&fmt=3&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tiba=Hand-Picked%20Brandable%20Domains%20%7C%20Squadhelp&auid=1958697000.1664876038&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 09:49:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=422561582.1664876039&jid=2127451610&gjid=965646223&_gid=693745606.1664876039&_u=aCDAgEADQAAAAGAAI~&z=1223888298 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         74.125.131.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 09:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /x/oauth/status?client_id=110109922373970&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&sdk=joey&wants_cookie_data=true HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://www.squadhelp.com
fb-s: unknown
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
strict-transport-security: max-age=15552000; preload
x-fb-debug: mkW7bOapGMfX6stydHEPr/RiEdDOXIVTAxQa1+Aiuebs7m+JMZrwkwnn+nlAbl6BYBFY525tCTguwjPqi1o1hw==
content-length: 0
date: Tue, 04 Oct 2022 09:34:00 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /sa.css HTTP/1.1 
Host: tags.srv.stackadapt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.175.93.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Date: Tue, 04 Oct 2022 09:34:00 GMT
Content-Length: 27
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text
Size:   27
Md5:    83f5ba33314db5f218488a5a51da1455
Sha1:   87a21689afa235c4c65437334085be4bf5cca170
Sha256: 3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
                                        
                                            GET /tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&rl=&if=false&ts=1664876039813&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1664876039812.1122152263&it=1664876039475&coo=false&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 04 Oct 2022 09:34:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1664876039340%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fpremium-domains-for-sale%252Fall%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1664876039340&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&e0ba6c9d-a80d-419d-835c-cc82d21d9b79"; Domain=.linkedin.com; Expires=Wed, 04-Oct-2023 09:34:00 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20221004093400d4e6b97a-1988-413b-8e97-26d06161523eAQHgl_CcIJDHz5wwT6BiQGc7JtDALxDw"; Domain=.www.linkedin.com; Expires=Wed, 04-Oct-2023 09:34:00 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjQ4NzYwNDA7MjswMjFn/F52BC59+ro9micflVW1DlQFlLPc1uRMksUoXoe8sg==; Domain=.linkedin.com; Expires=Sun, 02 Apr 2023 09:34:00 GMT; Path=/; Secure; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2401:u=1:x=1:i=1664876040:t=1664962440:v=2:sig=AQFSaVjkn-evLoXX2J2fFSm_X4K_mdGK"; Expires=Wed, 05 Oct 2022 09:34:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqMij4sGb2QaprSAS/sA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 15E0AD917B5644E6A4713917C621CE25 Ref B: OSL30EDGE0406 Ref C: 2022-10-04T09:34:00Z
date: Tue, 04 Oct 2022 09:34:00 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc HTTP/1.1 
Host: tr.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         70.42.32.31
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Content-Length: 56
X-TraceId: baa13166e2d8407af9e4b2e2b68f91db
content-encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   56
Md5:    77fbe8ab311fa20557d95906363035ed
Sha1:   5806df80f09a37e070d5f37c49f19797c2763fd0
Sha256: 4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
                                        
                                            GET /unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&optOut=false&bust=01542297758942205&referrer= HTTP/1.1 
Host: tr.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         70.42.32.31
HTTP/1.1 200 OK
Content-Type: image/gif;
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 254a41c131b4e8cc90eb04a4ebea5da1
content-encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   60
Md5:    fb0fc5c090282e372b8bf8ff13ae3ee2
Sha1:   2de3834253ece606ce4d2a6f10a59654b6fa378b
Sha256: 90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p/action/15226519.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
set-cookie: MUID=1741D91D300366AB07B9CB2E31F6677D; domain=.bing.com; expires=Sun, 29-Oct-2023 09:34:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ECF2FC25D46A4E639152FC5058C8B0E4 Ref B: OSL30EDGE0110 Ref C: 2022-10-04T09:34:00Z
date: Tue, 04 Oct 2022 09:34:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=6c0c973b-79f9-4c6f-a51f-b465f84e6a42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5bcf7850-4bd8-44e7-8515-b26606f359ac&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27 HTTP/1.1 
Host: analytics.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.244.42.195
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:34:00 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_eJLPaEDceuxSvhsNnZMoqQ=="; Max-Age=63072000; Expires=Thu, 03 Oct 2024 09:34:00 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 06d02868035c922f
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: 5a31c93c8cdbddadaac4dddee7b59e0d657883a11128e059cc8e8c28f76fffbc
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /pagead/1p-user-list/1030947153/?random=1664876039522&cv=9&fst=1664874000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tiba=Hand-Picked%20Brandable%20Domains%20%7C%20Squadhelp&async=1&fmt=3&is_vtc=1&random=28714973&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-conversion/1030947153/?random=1664876039512&cv=9&fst=1664876039512&num=1&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&tiba=Hand-Picked%20Brandable%20Domains%20%7C%20Squadhelp&auid=1958697000.1664876038&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   63
Md5:    0339f8f57d1bf75003db591e28957e45
Sha1:   ae2286e497c9f76a02cb40c40a674b73bd293b76
Sha256: 609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /collect?v=2&fmt=js&pid=34987&time=1664876039340&url=https%3A%2F%2Fwww.squadhelp.com%2Fpremium-domains-for-sale%2Fall&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&053178ba-535f-4c72-8216-605319f354f8"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Oct-2023 09:34:00 GMT; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2354:u=1:x=1:i=1664876040:t=1664962440:v=2:sig=AQE5YmwhQ0Vyl5rDvlYkvIJ_oi5V16-R"; Expires=Wed, 05 Oct 2022 09:34:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqMij78+Jw/bwNKAFA5g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 53AD554B69944907A091DA0490BE3481 Ref B: OSL30EDGE0406 Ref C: 2022-10-04T09:34:00Z
date: Tue, 04 Oct 2022 09:34:00 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /widget/ld9mkn53 HTTP/1.1 
Host: widget.intercom.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.53
HTTP/2 302 Found
                                        
content-length: 0
location: https://js.intercomcdn.com/shim.latest.js
date: Thu, 15 Sep 2022 19:18:38 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zAD2vyK1sIGB_zgnEPgV_7DGoMrP-r68jiEUiQIG0p9wqGOKTlOjOA==
age: 1606523
X-Firefox-Spdy: h2

                                        
                                            GET /sa.jpeg HTTP/1.1 
Host: tags.srv.stackadapt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.175.93.244
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Date: Tue, 04 Oct 2022 09:34:00 GMT
Content-Length: 651
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Size:   651
Md5:    4322b279b9bff3ed9f63d38b43ec5b6f
Sha1:   4dd16c56f86ae3f0c4679c9cb74b34b285a79246
Sha256: d6def5b92bbcd0f3b42a6b6b4f6c7bd3b99d4202189277aefe76b0eddcf45b38
                                        
                                            GET /nr-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:34:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 39323
x-timer: S1664876041.663766,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   14391
Md5:    b7c09cc097b2847f9edc784adba62dcb
Sha1:   5aa648623cf5e3b4b215fe5d068a7904c59f2925
Sha256: 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.234.93.27
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=21B55B92A77B4BDE8AC87F31E7E840BD&RedC=c.clarity.ms&MXFR=2FEB9A60CBB46C9E25708853CFB46207
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=2FEB9A60CBB46C9E25708853CFB46207; domain=.clarity.ms; expires=Sun, 29-Oct-2023 09:34:00 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 04 Oct 2022 09:34:00 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 697
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
date: Tue, 04 Oct 2022 09:34:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A56285878F3E8C0AD89C9096DD5100B058FA84A17CF6AE4342E29406811E2AD"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16125
Expires: Tue, 04 Oct 2022 14:02:45 GMT
Date: Tue, 04 Oct 2022 09:34:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B07184FC9C863C18257A1C13717E7392F687CA07CF329BC21435BEF4B3694FE"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1322
Expires: Tue, 04 Oct 2022 09:56:02 GMT
Date: Tue, 04 Oct 2022 09:34:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B07184FC9C863C18257A1C13717E7392F687CA07CF329BC21435BEF4B3694FE"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1322
Expires: Tue, 04 Oct 2022 09:56:02 GMT
Date: Tue, 04 Oct 2022 09:34:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A56285878F3E8C0AD89C9096DD5100B058FA84A17CF6AE4342E29406811E2AD"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16069
Expires: Tue, 04 Oct 2022 14:01:49 GMT
Date: Tue, 04 Oct 2022 09:34:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A56285878F3E8C0AD89C9096DD5100B058FA84A17CF6AE4342E29406811E2AD"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16069
Expires: Tue, 04 Oct 2022 14:01:49 GMT
Date: Tue, 04 Oct 2022 09:34:00 GMT
Connection: keep-alive

                                        
                                            GET /story_images/visual_images/11177033.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 7678
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-210
x-downloadsize: 16578
x-bo-origindownloadtime: 5
x-bo-processingtime: 11
x-bo-compressionratio: 53.69%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9236610b6642b21d9bd7d7394578849c
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7678
Md5:    4785961996440ef21f486dcc37363930
Sha1:   cbafe06578e9136b84b5b15bceba965a9ce59c92
Sha256: 82ce7df80e37280bb802b222f5b1ad710a72ba3247e4d0033f0caa5d6085ceae
                                        
                                            GET /story_images/visual_images/10434952.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5842
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-203
x-downloadsize: 14494
x-bo-origindownloadtime: 8
x-bo-processingtime: 13
x-bo-compressionratio: 59.69%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: eeaad86c47033f4886fbbab6de354ae0
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5842
Md5:    a8eb7add5da510b50d3a504080414910
Sha1:   a08800108838552114d2cd00a07b69b8e5f1e706
Sha256: 8dd26de8a4b90aa5022fa261a75df4e5ae71483f6819ba15b85faa41c9a046ae
                                        
                                            GET /story_images/visual_images/1664117693-750x450.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 7812
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 06:48:35 GMT
x-bo-server: ASB-193
x-downloadsize: 75272
x-bo-origindownloadtime: 8
x-bo-processingtime: 15
x-bo-compressionratio: 89.62%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 06:48:36
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bc4a1ed3b86a56ab691234eed79227c6
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 370x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7812
Md5:    ef14344acca0c3025dfbe9ef219cfd5b
Sha1:   30b6a042834b49afd02e795e22838a32aee33a66
Sha256: bed64007a28b919b6f4d312328ff3d69dc2eb49232de2e62d694e2373134abe6
                                        
                                            GET /story_images/visual_images/1610163784-EverGuru0.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 4818
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 01:01:06 GMT
x-bo-server: ASB-195
x-downloadsize: 56011
x-bo-origindownloadtime: 3
x-bo-processingtime: 13
x-bo-compressionratio: 91.4%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 01:01:06
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bf895984dcc24f6b5540aeaf9da2ee80
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   4818
Md5:    a8d93fb8caa86063ea024be9e7377f06
Sha1:   3572ee119b94faed4769690ff375f74651e2f03c
Sha256: b3d91d8f7f64cef2c1f2f35cffcfc1d39c5308abe844e60bb27ce9b16b044eeb
                                        
                                            GET /story_images/visual_images/7811482.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5328
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 06:03:26 GMT
x-bo-server: ASB-205
x-downloadsize: 11686
x-bo-origindownloadtime: 14
x-bo-processingtime: 12
x-bo-compressionratio: 54.41%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 06:03:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d2500640653926b0a51c2652e5a63a1b
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5328
Md5:    385d1133d0356d586ba96307c8d2a03d
Sha1:   58274ec8b7f4b638c90a88c3b07517a815d0692b
Sha256: d938e3aa1abafa6df2a92b897b70ad195ab41420768917d2b3289e5cb201ff89
                                        
                                            GET /story_images/visual_images/Curalyfe.png?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 7242
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-204
x-downloadsize: 15606
x-bo-origindownloadtime: 4
x-bo-processingtime: 12
x-bo-compressionratio: 53.59%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: fe82f2213945fa1976646ff5a7673256
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7242
Md5:    de7b10c70122da266c8bca60c3f964cd
Sha1:   59719f9291ddbee3e9d6ce1fce2c1b58ad5032dc
Sha256: 8eb22b192dc257d2dea7c49f614f52f1948df485b01ba064a81a10eedf56ec0c
                                        
                                            GET /story_images/visual_images/1601101782-Perkzi-01.png?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5588
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 19:53:20 GMT
x-bo-server: ASB-208
x-downloadsize: 9612
x-bo-origindownloadtime: 3
x-bo-processingtime: 13
x-bo-compressionratio: 41.86%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 19:53:20
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f2759f7752b70ed85721eb46e978d075
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5588
Md5:    995b068f13207dc3bbe896821639aa15
Sha1:   dc3c1a54410d0a2bd4b9001e9daf812a92927b32
Sha256: bd8db5f3b00e831cf2d1b49c16f1ea9c882e11ec52f0c993e8639a59696aa2ff
                                        
                                            GET /story_images/visual_images/1614679495-seduce.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 8874
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 13:29:23 GMT
x-bo-server: ASB-211
x-downloadsize: 67133
x-bo-origindownloadtime: 6
x-bo-processingtime: 11
x-bo-compressionratio: 86.78%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 13:29:23
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 06b89ce0557d75920bf4f06318eb845f
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8874
Md5:    3569b18687afc041ded8bb6e049d80fc
Sha1:   de8c4997fa42da40145d7cab5dd53e8611d529be
Sha256: 2e771b492ec6ba9100e6d106fe9ac8a323f5ee2706eb4659b79aa16e84d58ff0
                                        
                                            GET /story_images/visual_images/Stryct.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5206
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-195
x-downloadsize: 34399
x-bo-origindownloadtime: 4
x-bo-processingtime: 12
x-bo-compressionratio: 84.87%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cfb59da09baae3c6ac6f0f398ae5fa65
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5206
Md5:    f34a10a8d53faa1da1c24cb6c666563e
Sha1:   ec7af8ed516de5b169f957d9ebbe6bb1e5b2fd06
Sha256: d5d71a40ec5c16e82888d65e7212b1a12533821b49b7b2b39c8b8108713a4875
                                        
                                            GET /story_images/visual_images/1642209873-ByteScale-01.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 6622
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 18:00:58 GMT
x-bo-server: ASB-202
x-downloadsize: 138128
x-bo-origindownloadtime: 4
x-bo-processingtime: 26
x-bo-compressionratio: 95.21%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 18:00:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ac005c610ae758582bb405379416726a
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6622
Md5:    db974db96d422de6fb62ad8464d823ef
Sha1:   6047ddaadfddee86f015ee87a77a6c660f5ae55f
Sha256: a4e5fc7887dda0d6e3eab56dec6b9d36657f57d4ae86fb5d1521642e3c3b49a1
                                        
                                            GET /story_images/visual_images/1610449028-1.png?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5710
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 12:45:33 GMT
x-bo-server: ASB-192
x-downloadsize: 54946
x-bo-origindownloadtime: 4
x-bo-processingtime: 62
x-bo-compressionratio: 89.61%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 12:45:33
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bce2163b29d2ac90a821b04c78608ead
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5710
Md5:    5ecbda8828e6791c37fd0835475bdcc2
Sha1:   99aff497cc2dafb6362d84eefbbe4bd4fd96b131
Sha256: 0cd7371fd6acde6b9d101b2322a3f7a6a628a585ae8f637c4eea31c8b24fce2e
                                        
                                            GET /story_images/visual_images/11008294.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5386
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-193
x-downloadsize: 13934
x-bo-origindownloadtime: 3
x-bo-processingtime: 18
x-bo-compressionratio: 61.35%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 71637a8e532c31b9d757fc31a0ec2481
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5386
Md5:    8ef7ffe44493384b529fdecc4a842bd1
Sha1:   e0b210c129d30e42edf044579b56a09c2e299365
Sha256: 87f4dc8518d88cc83ec7d2910a3e137cf1689f040c3289aed5270d3b07420cfe
                                        
                                            GET /story_images/visual_images/1652237175-finela.png?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5648
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 19:53:20 GMT
x-bo-server: ASB-210
x-downloadsize: 49606
x-bo-origindownloadtime: 7
x-bo-processingtime: 61
x-bo-compressionratio: 88.61%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 19:53:20
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cbebc31e71f630f28cdbc759842e45c8
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5648
Md5:    c2b7239e78da87e44584727f87bc22d6
Sha1:   adbef7c15154fdc315bb85e912c4aadd0a398c5e
Sha256: 571796c0add2c1509b78b83eeb327ddc4ec97ee3883637e7b74b5ca4ceb58852
                                        
                                            GET /story_images/visual_images/WebMission.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 6242
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-202
x-downloadsize: 65126
x-bo-origindownloadtime: 6
x-bo-processingtime: 18
x-bo-compressionratio: 90.42%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 51c868c84261a4129ed0307add0c04e4
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6242
Md5:    2aca0d5e0c60b427a622bde8a97ccd33
Sha1:   0dc4d8a0019730968019a00f4fbb196edaeca9e8
Sha256: 042a68a8963b627f786fa09af70cbbaee5b647e4e300da167e9f7be7e48742a0
                                        
                                            GET /story_images/visual_images/FundSurge-100.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 7580
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-195
x-downloadsize: 75613
x-bo-origindownloadtime: 8
x-bo-processingtime: 11
x-bo-compressionratio: 89.98%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 06347d2611e99ea540170a5028b8fd86
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7580
Md5:    4a9b1e30b9b6c218d4a56da2159132e1
Sha1:   e8e5fbb4a1690244ff3dc0eab7bcf7d6f2de8d18
Sha256: c1d037a82dfdbb0829401802f676d4e89fc39c1af10eacd0ef945e35f0c63a35
                                        
                                            GET /story_images/visual_images/1605430707-GlamCare.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 5232
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 03 Oct 2022 16:24:12 GMT
x-bo-server: ASB-203
x-downloadsize: 39138
x-bo-origindownloadtime: 7
x-bo-processingtime: 13
x-bo-compressionratio: 86.63%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/03/2022 16:24:12
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a8fdeb6fa306e2a384088673be508e5c
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5232
Md5:    ef4ff6f30b120c6d5d074bba7dc72470
Sha1:   6fb4b58911aaf71bccd9a20fd46ccdc7d265b660
Sha256: 97324ff94a418d06bf7735e8d134cd075b9f14d407015b8e8ecb2b0e67bd23a4
                                        
                                            GET /story_images/visual_images/1645580602-seccurity-01.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 6412
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-194
x-downloadsize: 134635
x-bo-origindownloadtime: 9
x-bo-processingtime: 15
x-bo-compressionratio: 95.24%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4d22db07d0f59db7b8a42b626f3d0a82
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6412
Md5:    84731d52436c6426a2c84e5c259e848d
Sha1:   0eb18316348809b2c4f3fe2c866fb4a2d4248a33
Sha256: 8833cfc42af8c53afe98f0e9a28ac7f6e383f6f7f79fc37b37bb3a33c7789a89
                                        
                                            GET /story_images/visual_images/1651876277-Glowzi-1.jpg?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 04 Oct 2022 09:34:01 GMT
content-length: 7952
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 04 Oct 2022 07:52:00 GMT
x-bo-server: ASB-203
x-downloadsize: 82548
x-bo-origindownloadtime: 9
x-bo-processingtime: 11
x-bo-compressionratio: 90.37%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 07:52:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ab83920199b6d94b3b4120028ab3ae9c
cdn-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 375x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7952
Md5:    f4657045842f0760d536192d29f9716f
Sha1:   37d58ce09d6cd06d39cdc5419fe037d20596c288
Sha256: 053bfd92459b295543b46ac1f05bf12dbe33109bcc248ff17e11eea74da4c1b4
                                        
                                            GET /story_images/visual_images/1613983391-luvsi.png?class=listing HTTP/1.1 
Host: img.squadhelp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: _gcl_au=1.1.1958697000.1664876038; _rdt_uuid=1664876038443.0248174f-3997-48d4-bde8-6a9ad0a6e8a6; _ga_VJ36JWQDE1=GS1.1.1664876038.1.0.1664876038.0.0.0; _ga=GA1.2.422561582.1664876039; _gid=GA1.2.693745606.1664876039; _uetsid=acc7e49043c711ed85e19b8fc2506c6e; _uetvid=acc7cee043c711ed94281bfebd993f5c; _gat_DomainViews=1; _dc_gtm_UA-11585500-1=1; _fbp=fb.1.1664876039812.1122152263; _clck=1cwa5sc|1|f5f|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers