firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 18:15:03 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h3ZsVhEk5pYmtLcUU3g8kzbB7ogAnFJLXiSZquElsVbueKBcEKBddQ==
Age: 2776
cryptoforhealth.com/
52.20.84.62301 Moved Permanently 166 B IP 52.20.84.62:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: cryptoforhealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Sun, 25 Sep 2022 19:01:19 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.squadhelp.com/name/cryptoforhealth?lp=d
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13182
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 19:01:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bC37O5NAYnlcRoKGVh-ptBj7gfmPq59Yw_Ul5sclZYtjXPhA929dTQ==
age: 51966
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 066f2d084e0f1f4a6683e271d93e63c5
e33ea06ffc165436c6b51b7dd9a51957055664ad
b087fd1c9bc2f7b46f15581d8dbfdd04c66c33245cbfb9297a3633fdeba33d56
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: max-age=112470
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Etag: "632fadfb-1d7"
Expires: Tue, 27 Sep 2022 02:15:50 GMT
Last-Modified: Sun, 25 Sep 2022 01:25:15 GMT
Server: ECS (amb/6B86)
X-Cache: HIT
Content-Length: 471
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.squadhelp.com/name/cryptoforhealth?lp=d
192.124.249.108200 OK 43 kB URL HTTP/2 www.squadhelp.com/name/cryptoforhealth?lp=d
IP 192.124.249.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10235)
Hash b5061d65de2b9b1baed79244a82a7dbd
4819817367c1471c54067b74c6a2bcfe4b2de0c0
61a75166aa1d61b42433ca56b05a0ddb79e4ff4a3a50be5c41f4b64749fd6147
GET /name/cryptoforhealth?lp=d HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: text/html; charset=UTF-8
content-length: 42692
x-sucuri-id: 19008
user-id: 68a91e14372ca6983091cd2a430d4328ef9f36ef
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0
expires: Sun, 25 Sep 2022 19:01:15 GMT
proxy-cache: HIT
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.squadhelp.com/resources/assets/imgs/new_ui/logo_white.svg
192.124.249.108200 OK 4.7 kB URL HTTP/2 www.squadhelp.com/resources/assets/imgs/new_ui/logo_white.svg
IP 192.124.249.108:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (764), with CRLF line terminators
Hash 60c5ec80ae536eb5eb0b40bce177ddd2
a2d5691a854c1bc34fcadd5afeba47ef745d17a4
71d36fa5cec6f8eef2b2fef59c803af8f09cbd3d0d30388740197615f77440d7
GET /resources/assets/imgs/new_ui/logo_white.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: image/svg+xml
content-length: 4659
x-sucuri-id: 19008
last-modified: Thu, 08 Jul 2021 15:44:16 GMT
etag: "60e71d50-1233"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c3cacb17661f8a0191f746116fc2a8c3
4b2de0446c097af3dd085dbf1ca731a243cfc706
613678ac61a01c43f0b89368b867f583d178fb9bad3f55ba2a23d00da6d5c840
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4942
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Last-Modified: Sun, 25 Sep 2022 17:38:58 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
www.squadhelp.com/resources/assets/imgs/image_overlay_new_pricing.jpeg
192.124.249.108200 OK 60 kB URL HTTP/2 www.squadhelp.com/resources/assets/imgs/image_overlay_new_pricing.jpeg
IP 192.124.249.108:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash 0a89c41707b316e7f63ef103fa67e7aa
67fe3515e4a63d3866a722600f9bad9e26cd06bb
9fe8fa44c5e1a8d1ecd9380861196a24f280f370364d23e287b9512e55d825da
GET /resources/assets/imgs/image_overlay_new_pricing.jpeg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: image/jpeg
content-length: 60094
x-sucuri-id: 19008
last-modified: Fri, 17 Jun 2022 13:52:40 GMT
etag: "62ac8728-eabe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopperapproved.com/newseals/15916/white-header-details.gif
172.67.36.56200 OK 20 kB URL HTTP/2 www.shopperapproved.com/newseals/15916/white-header-details.gif
IP 172.67.36.56:0
File type GIF image data, version 89a, 200 x 48\012- data
Hash 5bf8597c603b6daee49d6817020606a4
807b6df33885fef68d5265e62ec1e4e12a4f4595
da7427867d83ea44bc734f79c259586805bab2e7426203058b3eaa5e045656c1
GET /newseals/15916/white-header-details.gif HTTP/1.1
Host: www.shopperapproved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: image/gif
content-length: 20353
cf-bgj: imgq:100,h2pri
cf-polished: origSize=88843, status=vary_header_present
content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
vary: Accept-Encoding,Origin
x-frame-options: sameorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6965
last-modified: Sun, 25 Sep 2022 17:05:15 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 750602034ebab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f6b778fb0939194cb8d56f98df936c5
2c20b9d0568194e5331361e768c4ad9d49a2ba46
7012a47d8f3105c7bffb00f652417d301a4e998278ca0279d22684b9f90291ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7012A47D8F3105C7BFFB00F652417D301A4E998278CA0279D22684B9F90291CE"
Last-Modified: Sun, 25 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7824
Expires: Sun, 25 Sep 2022 21:11:44 GMT
Date: Sun, 25 Sep 2022 19:01:20 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 08:21:10 GMT
expires: Thu, 21 Sep 2023 08:21:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 384010
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.chargebee.com/v2/chargebee.js
143.204.55.13200 OK 70 kB URL HTTP/2 js.chargebee.com/v2/chargebee.js
IP 143.204.55.13:0
Hash 0b59f33508c68a1b04d6f1a1cad86ccc
f4df738a5c10de16245318d526b0948174a81f65
6ad3fafde9052e0fcd4d217f570dd106cec2f4f9de74ec442a9ed6f144a36fad
GET /v2/chargebee.js HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 10:33:55 GMT
x-amz-version-id: 9K0yGTvs5vTA89SRheSkWen60Euh_.BU
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 25 Sep 2022 18:57:27 GMT
cache-control: max-age=300,public
etag: W/"47cebc77a62a3a58004ad9d258d17c80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K4yq28b0GBJNl22MY9hCec_HdIdlxWk0N_tqPjqFKj54k-p5D613zQ==
age: 234
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 2311f1fa9653aad9f269b060d254e517
5616b0baad9134f8e12ab3fb911578740aa392fb
51f53051cf837a6d1e0de5e5db5bb5d5a2c1e4b23d4e7323ce306e24a80ba2b7
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 25 Sep 2022 19:01:20 GMT
date: Sun, 25 Sep 2022 19:01:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.4 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 0de2c2fc3ec5c182bef40a1556a2a96b
36ae8eed8924957792ed3e7b2e31629a396706f7
f1dbf8caafa7b61d8b819da878410c848bfa3562a4a62a3d03e4e87a576aea8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 18:04:17 GMT
Expires: Sun, 25 Sep 2022 18:09:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3RwUezTCeb0PJM7I5ZrtvSaFYizh2OaSsANd52TsBa9M_4WVGZR3Lg==
Age: 3423
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b95095722fdf1c4e0f65c42f6469cd66
5738b998c6626e88501c789a0a4418460cf0ce97
0e3585e3235a19f54a0f14e92b0aad7bd466d62b02242ca1986e6d27c949ffa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E3585E3235A19F54A0F14E92B0AAD7BD466D62B02242CA1986E6D27C949FFA5"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12883
Expires: Sun, 25 Sep 2022 22:36:03 GMT
Date: Sun, 25 Sep 2022 19:01:20 GMT
Connection: keep-alive
www.squadhelp.com/var/8d11611429fd28f9e2beb43074dd7896.js
192.124.249.108200 OK 138 kB URL HTTP/2 www.squadhelp.com/var/8d11611429fd28f9e2beb43074dd7896.js
IP 192.124.249.108:0
Size 138 kB (138373 bytes)
Hash 2b2b4f0ac837bdbb2be3f4d454e885d6
498e17c48e4f10a6b66d8e208d900f66b4c89a85
17eca33bf4756fa87fa41c99cd2b8049583bb36b97874c51b8bfd16333ff87ee
GET /var/8d11611429fd28f9e2beb43074dd7896.js HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: application/x-javascript
x-sucuri-id: 19008
last-modified: Sat, 10 Sep 2022 19:38:59 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"631ce7d3-78570"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
x-sucuri-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b95095722fdf1c4e0f65c42f6469cd66
5738b998c6626e88501c789a0a4418460cf0ce97
0e3585e3235a19f54a0f14e92b0aad7bd466d62b02242ca1986e6d27c949ffa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E3585E3235A19F54A0F14E92B0AAD7BD466D62B02242CA1986E6D27C949FFA5"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12883
Expires: Sun, 25 Sep 2022 22:36:03 GMT
Date: Sun, 25 Sep 2022 19:01:20 GMT
Connection: keep-alive
www.squadhelp.com/resources/assets/fonts/GoogleSans-Regular.ttf
192.124.249.108200 OK 120 kB URL HTTP/2 www.squadhelp.com/resources/assets/fonts/GoogleSans-Regular.ttf
IP 192.124.249.108:0
File type TrueType Font data, digitally signed, 14 tables, 1st "DSIG", 12 names, Microsoft, language 0x409, Copyright 2017 Google Inc. All Rights Reserved.Google SansRegular1.023;GOOG;GoogleSans-RegularGo\012- data
Size 120 kB (119984 bytes)
Hash b5c77a6aed75cdad9489effd0d5ea411
4974453e73089c1d8bcf2a6b5eeff51302da45ec
974ee8402aed7391f8ed35155db12950697bcbbe3ad01abfb81718b65cb1960d
GET /resources/assets/fonts/GoogleSans-Regular.ttf HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a1513cb569363f3d9b933bba37770c90.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-length: 119984
x-sucuri-id: 19008
last-modified: Wed, 23 Jan 2019 02:40:14 GMT
etag: "1d4b0-580170373e149"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.squadhelp.com/resources/assets/fonts/GoogleSans-Medium.ttf
192.124.249.108200 OK 118 kB URL HTTP/2 www.squadhelp.com/resources/assets/fonts/GoogleSans-Medium.ttf
IP 192.124.249.108:0
File type TrueType Font data, 13 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2017 Google Inc. All Rights Reserved.Google Sans MediumRegular1.023;GOOG;GoogleSans-Me\012- data
Size 118 kB (118508 bytes)
Hash 8d57e4014b18edef070d285746485115
d45d7641ac2473cc19c260ecabf0f76381703ab6
0cdf0063c8c613033b911b0eb7162aa0a3931b4129ba193163e71dc7d8e16e4b
GET /resources/assets/fonts/GoogleSans-Medium.ttf HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a1513cb569363f3d9b933bba37770c90.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-length: 118508
x-sucuri-id: 19008
last-modified: Wed, 23 Jan 2019 02:40:13 GMT
etag: "1ceec-5801703685828"
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.squadhelp.com/fonts/fontawesome-webfont.woff2?v=4.6.2
192.124.249.108200 OK 64 kB URL HTTP/2 www.squadhelp.com/fonts/fontawesome-webfont.woff2?v=4.6.2
IP 192.124.249.108:0
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /fonts/fontawesome-webfont.woff2?v=4.6.2 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a1513cb569363f3d9b933bba37770c90.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: application/octet-stream
content-length: 64464
x-sucuri-id: 19008
last-modified: Mon, 25 Jul 2016 21:53:11 GMT
etag: "57968a47-fbd0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74316, version 329.30932\012- data
Hash 52134b924fd61958f88323845deffc64
cfccdf2c8be593220ea949989a5abc0b380ea2ac
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
GET /releases/v5.7.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: font/woff2
content-length: 74316
x-amz-id-2: 2EALQljDbf+ypGonTSJDKnLdz1xl0oxyYGz2yMTtH2vYnWIRsNOGC7b7K+zsl3KWRQmoepiBFeI=
x-amz-request-id: XQHABHZH00SBM1D4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: "52134b924fd61958f88323845deffc64"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 24683790
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwN%2BQC%2Fg2fK1OGmT0h64p8p3pxMqgG9ZdhlQ3pheTLoD4eSkwcjuVXuy6llPdX%2FqDNTrHMg7WYdWFCAFVAsAgVfsmBRrpuBCf8Dc%2BLne6HVi7PsI%2FSAN6QgrG7KJLhXRwdwFMQjk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750602051f6a76ef-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M6CM29
142.250.74.72200 OK 97 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M6CM29
IP 142.250.74.72:0
File type ASCII text, with very long lines (53755)
Hash 42be19270b6b17f9567d2c21326a8f8c
fa941e705531ca7a6f23aa2bf68b02fde93fc20e
21ae9191949cfacddc8841f0fcea06f471fe529e114ab95e5145fefdb078c407
GET /gtm.js?id=GTM-M6CM29 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 19:01:20 GMT
expires: Sun, 25 Sep 2022 19:01:20 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/webfonts/fa-regular-400.woff2
172.64.132.15200 OK 14 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.0/webfonts/fa-regular-400.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 13576, version 329.30932\012- data
Hash 9c0eb6c2e967eccd837da618bcbde91c
02a31e6b2ef5ba8fa780c68901bbe4dc9cfe08f4
79569bbf98e046743427673c2f59a9649ee833f2a9089b2e6497d435b5fe1b09
GET /releases/v5.7.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: font/woff2
content-length: 13576
x-amz-id-2: g7BxuOM13H3D/Dp+/s4E1ujur/gii6WAwJCswf/A5vC3DRoSwXO2cvePNNbFYkRIjfMekwlcrrA=
x-amz-request-id: 5DPJQHE6M9177MGE
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: "9c0eb6c2e967eccd837da618bcbde91c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28870331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFYtzIirSqfFa3mKEe4vz1l3petnk4nqsboNAZ5HgisO6o%2F1eGUZ5UwlkqFS5TqNh8%2BzlfuVDDlgRXGIMgoETtMakO76BuTESmwsKJqAPjFoSRDVEI%2FBmE2G4nHhDxp%2BiV6onyEu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750602052f7b76ef-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Last-Modified: Sun, 25 Sep 2022 18:08:31 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.chargebee.com/v2/animation.css
143.204.55.13200 OK 758 B URL HTTP/2 js.chargebee.com/v2/animation.css
IP 143.204.55.13:0
Hash f8a79fc47c28375628855b4c78ff6f85
b2fb79a766c233408a6e0dd38a169dee2e88d4b0
e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3
GET /v2/animation.css HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 758
last-modified: Thu, 15 Sep 2022 05:19:25 GMT
x-amz-version-id: 5nQKGbXlEN0YC0apk9RJi1qhuAALmKao
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
date: Sun, 25 Sep 2022 18:57:32 GMT
cache-control: max-age=300,public
etag: "f8a79fc47c28375628855b4c78ff6f85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m_gSsZdTvCAquvhFccAorIj6aH--4BVKoSro1RzC6pZcKoKkBgiZWg==
age: 231
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.163200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:13:12 GMT
expires: Tue, 19 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 510488
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.chargebee.com/v2/master-462d72037425e5b57d4075564816847f.html
143.204.55.13200 OK 203 B URL HTTP/2 js.chargebee.com/v2/master-462d72037425e5b57d4075564816847f.html
IP 143.204.55.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fea6444fa4f8ddc8acc92e5ee0de0ac4
4d3980ef42b6de5e9cd7bb803fdc0ae77412c1e6
1bb2720c5d446808ffdef06fa259c25a5f2043f1aa917697d731883f2d9a1f59
GET /v2/master-462d72037425e5b57d4075564816847f.html HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 203
last-modified: Wed, 21 Sep 2022 10:33:56 GMT
x-amz-version-id: agxpOGS1sp_l9.VNH4GPqnHeiUpAKRvZ
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
date: Sun, 25 Sep 2022 18:56:59 GMT
cache-control: max-age=300,public
etag: "fea6444fa4f8ddc8acc92e5ee0de0ac4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hIiCC8b0M8WD2WhZ7sBx-c9JRLFjQ9AfUet4NcxLe7SLciT4SgybWg==
age: 264
X-Firefox-Spdy: h2
www.squadhelp.com/domain_audios/cryptoforhealth-187.mp3
192.124.249.108206 Partial Content 50 kB URL HTTP/2 www.squadhelp.com/domain_audios/cryptoforhealth-187.mp3
IP 192.124.249.108:0
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 24 kHz, Monaural\012- data
Hash 9568a97c4dbb929609d7759e0a9c4b87
f1dca3be4cd20de8e6ba3fa154558562a0c7a9e0
de6eb728f213f9570036e3c6fd682a68471b34c7c92d8d69e5417628d1b07b0e
GET /domain_audios/cryptoforhealth-187.mp3 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: audio/mpeg
content-length: 50301
x-sucuri-id: 19008
last-modified: Sat, 25 Sep 2021 00:52:23 GMT
etag: "614e72c7-c47d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
content-range: bytes 0-50300/50301
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 457a5fa6270fecdc7a2e8aa88feffc78
d995963de28ffe97d62062092811a61a284853af
5e3700506e3ea6f3c48f9b57293eb99f3ba5be9e93cd75af5f819eca413c4c88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E3700506E3EA6F3C48F9B57293EB99F3BA5BE9E93CD75AF5F819ECA413C4C88"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5323
Expires: Sun, 25 Sep 2022 20:30:04 GMT
Date: Sun, 25 Sep 2022 19:01:21 GMT
Connection: keep-alive
img.squadhelp.com/story_images/visual_images/logo-image-36912-cryptoforhealth.jpg?class=show
194.242.11.186200 OK 67 kB URL HTTP/2 img.squadhelp.com/story_images/visual_images/logo-image-36912-cryptoforhealth.jpg?class=show
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 670x402, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 594f7bf55e1431c1185fca33483cbc7c
7688bf75d653277a2ddfb7d7123970933a8a35e8
791ec49d89e253fb06179d8e12606cf0a227f6b5fa6c8daf5fb4d52fa9e3a542
GET /story_images/visual_images/logo-image-36912-cryptoforhealth.jpg?class=show HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: image/webp
content-length: 67388
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 25 Sep 2022 19:01:20 GMT
x-bo-server: ASB-198
x-downloadsize: 117160
x-bo-origindownloadtime: 9
x-bo-processingtime: 19
x-bo-compressionratio: 42.48%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 19:01:20
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 73691ef35a45010713fcd940d6038744
cdn-cache: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 76a8ceaa264250dcde2ad7ac30907693
d498fa7fdef3699c190d0b606e8a4e209f56478c
de7f44872448777efc78b75ff8370abf57e0765fe7dd9291a6a231f151370cc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3850
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:21 GMT
Last-Modified: Sun, 25 Sep 2022 17:57:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6vHcEXtQHPzRepEDuB4b4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3qMBHTb37ysYXCGKa232GtYgN1c=
q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?j=1&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tag=ViewContent&ts=1664132479336
34.234.135.87200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?j=1&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tag=ViewContent&ts=1664132479336
IP 34.234.135.87:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?j=1&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tag=ViewContent&ts=1664132479336 HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Cookie: __cf_bm=Q06JSJJXLxitujE86rjf6LZtKuZeKFGczPAu4yGIY0A-1664132480-0-AYWC+/PZROSpv7xi+BWh91LtqelmiGbVCs7sKKGE9O3Yfi/sn1gMFat3Qi1wnO7TX79+Bp2BBl5THAICIf46gvQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Sun, 25 Sep 2022 19:01:21 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,1d5a756eec0b545bf8395fb31b36f8a7,10.0.0.129,2372,91.90.42.154,,63568233557,1,1664132481.238,0.002,,.,0,0,0.000,0.000,-,0,0,197,158,79,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
cdn.jsdelivr.net/npm/search-insights@1.3.1
151.101.85.229200 OK 2.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/search-insights@1.3.1
IP 151.101.85.229:0
File type ASCII text, with very long lines (10262)
Hash f66557a8cde2590db029b6b8304378db
11bbbcd7974761b20ec50d17f4049977315d9d08
9ab7d5c8a5762c81158601720fd131bef233a57193e6daaa8d1ad26e5912f1d3
GET /npm/search-insights@1.3.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.3.1
x-jsd-version-type: version
etag: W/"2817-FGLI0cv/s1qAA3nM5zLdFEpck2Q"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:21 GMT
age: 7062130
x-served-by: cache-fra19130-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2870
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:21 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F720893092&domain=www.squadhelp.com&id=720893092&autoplay=0
162.159.128.61200 OK 606 B URL HTTP/1.1 vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F720893092&domain=www.squadhelp.com&id=720893092&autoplay=0
IP 162.159.128.61:0
File type JSON data\012- , ASCII text, with very long lines (1207), with no line terminators
Hash 1b8f17b08757f9ca6a8b9a89201b648e
93816ebaa548dcc36c4294e77edbe0de5420dcff
5da5f3386713614c57a271a5aa3c506040b9de4299f633382f61afd8e1605b53
GET /api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F720893092&domain=www.squadhelp.com&id=720893092&autoplay=0 HTTP/1.1
Host: vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:21 GMT
Content-Type: application/json
Content-Length: 606
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sun, 25 Sep 2022 18:49:52 GMT
etag: "6d70a18c4a0686fb9a398eeecc0da4dddd426976"
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
x-bapp-server: pweb-b957659bf-ftbbv
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: webproxy-rollout-prod-varnish-8
x-backend-proxy: webproxy9
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-iad-kjyo7100159-IAD, cache-bma1677-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1664132481.186238,VS0,VE104
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=fXGyaas.KM1oaLrf_dVJQPsd1QIalax0NJaN2h_D4QE-1664132481-0-AazowFqb6YOo8vFUwiyt3nH7w29J00u4uy7Tijh9sI993tdtBHKa5dTshpO01F0oSgVmPXIFqHsVVCANifWHRGs=; path=/; expires=Sun, 25-Sep-22 19:31:21 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 75060207499b0b4d-OSL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash efbc105b64e9bedb745117b95eff7d95
a9f6b23b36f79f2a86b03ae01f1bcebb82ce8f48
2bbc174ae6feebc8af3d14e1f7b779e4ed25f79fa0d87115a02852fc2ca6eb29
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EF42EFE875A25F79E48A3B3CE2940FA35071787B"
Expires: Mon, 26 Sep 2022 06:00:00 GMT
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 396
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750602084af30b31-OSL
www.squadhelp.com/controllers/users.php?action=get_user_login_data&domain_id=1426948
192.124.249.108200 OK 143 B URL HTTP/2 www.squadhelp.com/controllers/users.php?action=get_user_login_data&domain_id=1426948
IP 192.124.249.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ae8b95cca9cb020c3f3c838070dbe110
b7dd7d5abc77c0c568525026f12977cfd76b9ee6
b8f9e2079d0b08662d26ec77f82ed466d23fc1c14d4b7cb9fd6a948c9a15322c
GET /controllers/users.php?action=get_user_login_data&domain_id=1426948 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:21 GMT
content-type: text/html; charset=UTF-8
content-length: 143
x-sucuri-id: 19008
set-cookie: PHPSESSID=cdn38p2d8jb7ua79ndi9sbvio2; expires=Mon, 26-Sep-2022 19:01:21 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1bacbbb327e15f0260413ffab1185da
e272044ff0054faa7e9c03100ef51131110cf4ee
32c59995cea225844313d160618894dc8389aec5df2ca4e363287156339e714b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3469
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:21 GMT
Last-Modified: Sun, 25 Sep 2022 18:03:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash eb3dc04f585fa1063ef30ab3725424d2
360e68c2da201884b20250759138fafed24e53b9
e8384d96d4793d821fbd68a70ee913cb7bd0877a365ca5b911e23c3a3966f005
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 03:27:39 GMT
Expires: Fri, 30 Sep 2022 03:27:38 GMT
Etag: "360e68c2da201884b20250759138fafed24e53b9"
Cache-Control: max-age=375376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7506020938ce1c0e-OSL
insights.algolia.io/1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1)
34.96.112.9200 OK 29 B URL HTTP/2 insights.algolia.io/1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1)
IP 34.96.112.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ca1d7c9f272503952d3bf37cc4a649bd
7129c38467ef8cd3e902fe034328071f5cd07602
e5ddba99266abd003aa6eef168bc2a2bea5e69b1e0d1fc4373150934ab5dd76a
POST /1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1) HTTP/1.1
Host: insights.algolia.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 145
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.squadhelp.com
content-type: application/json
vary: Origin
date: Sun, 25 Sep 2022 19:01:21 GMT
content-length: 29
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player.vimeo.com/video/720893092?h=eddf4f3cf1&app_id=122963
162.159.138.60200 OK 5.5 kB URL HTTP/1.1 player.vimeo.com/video/720893092?h=eddf4f3cf1&app_id=122963
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (18960)
Hash d25531882ba38f7170c4b2c7b694de86
94e45d058b849491ec8685c5fde64cf03355ff79
a9303857e3c68ff5691c7b4d275690056e61de5d5e53223ba697e95cb3df9c06
GET /video/720893092?h=eddf4f3cf1&app_id=122963 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sun, 25 Sep 2022 19:10:02 GMT
x-host: player-84c9846b45-9f95q
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-9
x-backend-proxy: playproxy10
x-bapp-server: player-84c9846b45-9f95q
Age: 0
X-Served-By: cache-bma1676-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664132481.492461,VS0,VE123
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=DgCv5z4owj3HdwxvV5EMRj3zb6AAnVo4bCNw7P2sCt4-1664132481-0-AW6ceQ+IB+atNZFCEIhmKXc3wf9VHo/NK9MeW8fIqoym4euZqka6Qf+af7XtWJAfdlLU0TK/iLuanNB6goljQno=; path=/; expires=Sun, 25-Sep-22 19:31:21 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 750602093dffb517-OSL
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash eb3dc04f585fa1063ef30ab3725424d2
360e68c2da201884b20250759138fafed24e53b9
e8384d96d4793d821fbd68a70ee913cb7bd0877a365ca5b911e23c3a3966f005
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 03:27:39 GMT
Expires: Fri, 30 Sep 2022 03:27:38 GMT
Etag: "360e68c2da201884b20250759138fafed24e53b9"
Cache-Control: max-age=375376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7506020a29d21c0e-OSL
f.vimeocdn.com/p/4.10.1/css/player.css
151.101.86.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.10.1/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 674ea13d207a5c2820c92eb236796548
439a3a05f926e21e43ed043e47197aec6c02358f
99105d0c1f2a3eee4823bc2f2151f1747c3f7fa45df401596bc2273328abc22f
GET /p/4.10.1/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:21 GMT
age: 429830
x-served-by: cache-iad-kjyo7100154-IAD, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 61, 82534
x-timer: S1664132482.717436,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20284
X-Firefox-Spdy: h2
www.squadhelp.com/controllers/marketplace.php?action=record_show_page&mp_domain_id=1426948&domain_selling_price=2999&date_recache_time=2022-09-25&query_id=
192.124.249.108200 OK 112 B URL HTTP/2 www.squadhelp.com/controllers/marketplace.php?action=record_show_page&mp_domain_id=1426948&domain_selling_price=2999&date_recache_time=2022-09-25&query_id=
IP 192.124.249.108:0
Hash 0347b084fcf96e3d1da97b71dd0c1be3
edd264606615ac8f0410b489e616ac26e234931e
1d5c342d26113de8d8ca4e5508925689ec12b7190a3645184238019508d542c9
GET /controllers/marketplace.php?action=record_show_page&mp_domain_id=1426948&domain_selling_price=2999&date_recache_time=2022-09-25&query_id= HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Cookie: lpg=/name/CryptoForHealth
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:21 GMT
content-type: text/html; charset=UTF-8
content-length: 112
x-sucuri-id: 19008
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: PHPSESSID=782aa65cai8e6v1eeu9obfc0c6; expires=Mon, 26-Sep-2022 19:01:21 GMT; Max-Age=86400; path=/
smart_cat_id=482; expires=Tue, 25-Oct-2022 19:01:21 GMT; Max-Age=2592000; path=/
vary: Accept-Encoding
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash a726e1c270a0429ccce67d981a12ac33
7319cca36fa04ee8d74ea677a0bb5dd113649011
2601818bf89176145a614b0d50b1ef1cd95272a5bc6be5526d54c464f6172dbf
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:21 GMT
age: 524643
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 86998
x-timer: S1664132482.739608,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85
151.101.86.109200 OK 1.5 kB URL HTTP/2 i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 5e87158ee30c950b032e6335be012e5b
469828cd2eb6bef44f0a91b4a864318ac99af3c9
2351ff70736da33512a32489ea9bf8c6b68bc6dcc6e9275f105e6db5ac42d90a
GET /video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 5e87158ee30c950b032e6335be012e5b
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-5tk1
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:21 GMT
age: 2278025
x-served-by: cache-dfw-kdfw8210114-DFW, cache-bma1656-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664132482.739042,VS0,VE1
content-length: 1518
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.1/js/player.js
151.101.86.109200 OK 212 kB URL HTTP/2 f.vimeocdn.com/p/4.10.1/js/player.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (64649)
Size 212 kB (212091 bytes)
Hash 0178a74556a8c2ae4b0adc1e5896add3
a2187164dbe08839a3bed391ee10f5b3ef24542b
0ab6e243b2068c5ba3620a078364c9b73c7075d70f8e73a00be48fad7bf707ae
GET /p/4.10.1/js/player.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:21 GMT
age: 429830
x-served-by: cache-iad-kcgs7200127-IAD, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 63965
x-timer: S1664132482.739405,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 212091
X-Firefox-Spdy: h2
squadhelp.chargebeestaticv2.com/api/internal/1664132400/retrieve_js_info
54.230.111.36202 Accepted 0 B URL HTTP/2 squadhelp.chargebeestaticv2.com/api/internal/1664132400/retrieve_js_info
IP 54.230.111.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/internal/1664132400/retrieve_js_info HTTP/1.1
Host: squadhelp.chargebeestaticv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://js.chargebee.com/
Origin: https://js.chargebee.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
content-length: 0
date: Sun, 25 Sep 2022 19:01:21 GMT
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
pragma: no-cache
access-control-allow-origin: https://js.chargebee.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods: GET, OPTIONS, POST
server: ChargeBee
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V93FEwC-5g_5FJomC8u_B2PP-wVD2Iy9jfpoVujxztkXpycEMC-XQQ==
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
138.128.247.123200 OK 142 kB URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 138.128.247.123:0
File type Unicode text, UTF-8 text, with very long lines (60586), with no line terminators
Size 142 kB (142538 bytes)
Hash f6429285c0267fc45cd523418fecbbff
b17b4986d6466b1e6cab3ab8b55138b45b6d7a54
5875f0adb95efe54df82f709cb4d31ca35806506eba1dffb2749dbfc914158cb
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 26 Sep 2022 19:01:21 GMT
content-type: application/x-javascript
last-modified: Wed, 31 Aug 2022 21:34:49 GMT
etag: "6ab2a-630fd3f9-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142538
date: Sun, 25 Sep 2022 19:01:21 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
www.squadhelp.com/views/users/us_tier_two_checker.php
192.124.249.108200 OK 16 kB URL HTTP/2 www.squadhelp.com/views/users/us_tier_two_checker.php
IP 192.124.249.108:0
File type HTML document, ASCII text, with very long lines (1654)
Hash 645bed2961037fff36142922f61e9116
48ea707cd6f8df1b6e90ee063764cd3245eb55a3
c7a2f8072bfe22c7e451082607180e57340320c999bcec61b50d36943730d782
GET /views/users/us_tier_two_checker.php HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Cookie: lpg=/name/CryptoForHealth
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:21 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19008
vary: Accept-Encoding, Accept-Encoding
set-cookie: PHPSESSID=rmj712fmdkg6t50nt47asam163; expires=Mon, 26-Sep-2022 19:01:21 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
www.squadhelp.com/favicon.ico
192.124.249.108200 OK 1.0 kB URL HTTP/2 www.squadhelp.com/favicon.ico
IP 192.124.249.108:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1504f785a65bf56ab21f3fe867a96f0e
4facb4c315e00d52ae2a5862936dd5795678ee05
38565e8e330d53df0489d117e37d016cb9abe5b811d48c2049810a605f55b447
GET /favicon.ico HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Cookie: lpg=/name/CryptoForHealth; _gcl_au=1.1.1740531873.1664132480; ahash=b96lwtpNh; user_navigation_history=/name/cryptoforhealth; _ALGOLIA=anonymous-3600efbb-f917-4b62-9147-cc765e0fea29; _rdt_uuid=1664132479806.614c88dc-e890-4ba5-8b36-afcbd5f0b6dc; PHPSESSID=782aa65cai8e6v1eeu9obfc0c6; _ga_VJ36JWQDE1=GS1.1.1664132479.1.0.1664132479.0.0.0; _ga=GA1.1.22261511.1664132480; total_shortlisted_count=; smart_cat_id=482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:21 GMT
content-type: image/x-icon
content-length: 1005
x-sucuri-id: 19008
last-modified: Thu, 13 Aug 2015 11:52:45 GMT
etag: "55cc850d-3ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dab3e5282ac0f1ca4b167bf147382439
746358bc1c029a5ddeb3f8679020f07109f9fbea
fd299b43eafa48b711fafa6509c1d7580681e2a11ded1c24678e76a9fcef555d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:21 GMT
Last-Modified: Sun, 25 Sep 2022 17:17:34 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=62173
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 25 Sep 2022 19:21:22 GMT
Date: Sun, 25 Sep 2022 19:01:22 GMT
Content-Length: 3249
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 18:41:09 GMT
expires: Sun, 25 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 1213
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=2675EFEE42F7661B2E50FDC443A067EF; domain=.bing.com; expires=Fri, 20-Oct-2023 19:01:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DC3A4852A34427DB015AD64568AE45C Ref B: OSL30EDGE0412 Ref C: 2022-09-25T19:01:21Z
date: Sun, 25 Sep 2022 19:01:21 GMT
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1344021/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1344021/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58481)
Hash f343370b39bf732828998ebf5729af92
82377a84e1c0e21e9a11e95dd4b716468057aad8
b30b2618b55faba1d8dde9e64f62c651086f5342d99b1a5df2c249d28d7f23f0
GET /libtrc/unip/1344021/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /PTkitvIxM5eSz19LXwahkqA45EJjFuOzGqn9To/oaRvTiTcbrawPok/olMaDog3ANSrvcHEilY=
x-amz-request-id: 52X3M245KD6C55AE
x-amz-replication-status: COMPLETED
last-modified: Sun, 25 Sep 2022 11:18:26 GMT
etag: "d2f48a501ad9154d88d201c3e099b7c7"
x-amz-version-id: dGqGV7HHnlpo3p4UBTBszrGF4CE89X__
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:22 GMT
via: 1.1 varnish
age: 27737
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664132482.020863,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 91
content-length: 17946
X-Firefox-Spdy: h2
js.chargebee.com/v2/pi-worker-462d72037425e5b57d4075564816847f.js
143.204.55.13200 OK 47 kB URL HTTP/2 js.chargebee.com/v2/pi-worker-462d72037425e5b57d4075564816847f.js
IP 143.204.55.13:0
File type ASCII text, with very long lines (52043)
Hash 25090439b26bf8dd20716c502c792e09
964a2b0f59acf9c7b4ce684c5f6944b3b308c7b9
0238b7c0ac48c418016bf7a6ddabdfdacd9d054a0b0e72b1f1ecc6ce08881129
GET /v2/pi-worker-462d72037425e5b57d4075564816847f.js HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.chargebee.com/v2/master-462d72037425e5b57d4075564816847f.html
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 10:33:55 GMT
x-amz-version-id: ba20pViTLkzhAyjbjArW44HCva.qemAr
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 25 Sep 2022 18:57:49 GMT
cache-control: max-age=300,public
etag: W/"f1462fce58a639733d1accf818d861fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ccIFEznsZsMHBw-IpcsLCmdM4SPCTzBUunoRQbe8ww_c5-zUbvnYcQ==
age: 216
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=400&mh=225
151.101.86.109200 OK 7.4 kB URL HTTP/2 i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=400&mh=225
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash f47dd243092856f9943edfb421fc4d73
f4257acd477ec4a7b3e4fd7620ecabe15f2bcf0e
1827b99aa6a2e3f40f0b7661ae62a2c58e928c829b684443e14ba33b5ed680e9
GET /video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=400&mh=225 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: f47dd243092856f9943edfb421fc4d73
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-s9qd
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:22 GMT
age: 1560376
x-served-by: cache-dfw-kdfw8210092-DFW, cache-bma1656-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664132482.040813,VS0,VE18
vary: Accept
content-length: 7407
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:22 GMT
x-served-by: cache-iad-kiad7000137-IAD, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dab3e5282ac0f1ca4b167bf147382439
746358bc1c029a5ddeb3f8679020f07109f9fbea
fd299b43eafa48b711fafa6509c1d7580681e2a11ded1c24678e76a9fcef555d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6228
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:17:34 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1664132480371&cv=9&fst=1664132480371&num=1&fmt=3&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
142.250.74.98200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1664132480371&cv=9&fst=1664132480371&num=1&fmt=3&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1030947153/?random=1664132480371&cv=9&fst=1664132480371&num=1&fmt=3&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 19:16:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oe9l0&_p=1491405078&cid=22261511.1664132480&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664132479&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&dt=CryptoForHealth.com%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oe9l0&_p=1491405078&cid=22261511.1664132480&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664132479&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&dt=CryptoForHealth.com%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VJ36JWQDE1>m=2oe9l0&_p=1491405078&cid=22261511.1664132480&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664132479&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&dt=CryptoForHealth.com%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.squadhelp.com
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1664132480368&cv=9&fst=1664132480368&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&data=ecomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1664132480368&cv=9&fst=1664132480368&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&data=ecomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2346), with no line terminators
Hash 6f99f040ddf6bcd9a4cc76aac99e1df1
1d161350d9c20329b7b62d6b68af3d553aa81f39
5c9b48a22d0e31519eeed0f13cefce755d0095dd3be09a6cfebd17b369d7c10c
GET /pagead/viewthroughconversion/1030947153/?random=1664132480368&cv=9&fst=1664132480368&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&data=ecomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1062
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 19:16:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1664132480381&cv=9&fst=1664132480381&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1664132480381&cv=9&fst=1664132480381&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2338), with no line terminators
Hash cf51987ee2bfa01ae400b01eda31d566
f91169e3a7e3218d74f40218d1c7fd499dbe5462
e251a96e30dd68d0c6e19cec69b7d409f784a2a7f4ee9c16e2edf75417353d0e
GET /pagead/viewthroughconversion/1030947153/?random=1664132480381&cv=9&fst=1664132480381&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1060
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 19:16:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 1.1 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2369), with no line terminators
Hash 6c85a864c1ba5adf1241620ca627e500
3dd98ec14139d148a0d8ceab397ed528967646b3
cfe5e77bf5142fba85cca1658483480edb8c478e55dae65ceb5554a85f2c3a4d
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:11:34 GMT
expires: Fri, 22 Sep 2023 07:11:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 301787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/rp.gif?ts=1664132479806&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=614c88dc-e890-4ba5-8b36-afcbd5f0b6dc&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1664132479806&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=614c88dc-e890-4ba5-8b36-afcbd5f0b6dc&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1664132479806&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=614c88dc-e890-4ba5-8b36-afcbd5f0b6dc&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:22 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0bcc093f0f77a6bca804ec9bee4ec9fb
d23baaa24cd59063eec9afb5a689250361c781aa
4dc885f73ac32a17192cd580f47c37288b22c5afcbcf7b1420dd30d0a0a2c22d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 19:01:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:31:38 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rP5uhjFqpaRsnWLf1CEdKhGjE3-b2bXA4O2W5X62KRdyNd33R7GWLw==
Age: 5384
tags.srv.stackadapt.com/events.js
52.21.81.76200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 52.21.81.76:0
File type ASCII text, with very long lines (16677)
Hash 57b85f2b6390905975c291f7fd5a4d62
af93681b9de1495c4498ae8338b37ebca354b3ea
d6e9f07abbac73d27f5135db47f51305fc17d358d00752f02d4b09b4de6d4628
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Sun, 25 Sep 2022 19:01:22 GMT
Set-Cookie: sa-user-id=s%3A0-41c498ce-90bb-40b7-6293-a110ac65c75c.M6yMbfplcR%2FqRpf1QJPX0K2XYbOpBY%2BI9tN0aDF4rvw; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AQcSYzpC7QLdik6EQrGXHXFtaKpo.V7Ny5%2B%2BrUUxexyamFCALPZ3Dle%2FftrjxjvvRCJOMW1Q; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5409
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8908a4b5d446f5f47586fe5a000c7c88
75c8c0179f776e1547fd23e70c2e9543f61eab29
ea2be68ff6c223ddba8f069bc63366fbe56d06eaa3c00925361e400b3fa8ca08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2800
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Last-Modified: Sun, 25 Sep 2022 18:14:42 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
tags.srv.stackadapt.com/sa.css
52.21.81.76200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 52.21.81.76:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Sun, 25 Sep 2022 19:01:22 GMT
Content-Length: 27
Connection: keep-alive
cdn.acsbapp.com/cache/app/squadhelp.com/config.json
83.229.67.229200 OK 159 B URL HTTP/2 cdn.acsbapp.com/cache/app/squadhelp.com/config.json
IP 83.229.67.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1d0a80415ce9280b93af137afb6935c0
1714a2c038ec6e14132472d1120a889efc90278a
aefdf2d9e1f4041fdf61e903d8b91c7ab6c38f4e62b1722f7f299cd626c967bb
GET /cache/app/squadhelp.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 26 Sep 2022 19:01:22 GMT
content-type: application/json
last-modified: Sun, 25 Sep 2022 19:00:19 GMT
etag: "9f-6330a543-460ec9174bf9993c;;;"
accept-ranges: bytes
content-length: 159
date: Sun, 25 Sep 2022 19:01:22 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=66a130aa-9648-4ddc-afc1-ba7a524f7d95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=78cfe4c6-967e-4523-ae3f-e54e6d4bb603&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=66a130aa-9648-4ddc-afc1-ba7a524f7d95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=78cfe4c6-967e-4523-ae3f-e54e6d4bb603&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=66a130aa-9648-4ddc-afc1-ba7a524f7d95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=78cfe4c6-967e-4523-ae3f-e54e6d4bb603&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=ee83b38a-3a17-42c5-b392-99917c4673da; Max-Age=63072000; Expires=Tue, 24 Sep 2024 19:01:22 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 106ae4ebeb6dbdbd
strict-transport-security: max-age=0
x-response-time: 105
x-connection-hash: a9ab35757e95061d5825854f812760e5a2cc047b25f37b25c209b8aed4863561
X-Firefox-Spdy: h2
www.clarity.ms/tag/3xq9rdybkj
13.107.219.53200 OK 1.7 kB URL HTTP/2 www.clarity.ms/tag/3xq9rdybkj
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c361fac9749597382fe00fe07334d713
8b8ccaa08239c915c483cdd654a93962fe6f6bf0
6cb1cbe5af3fa15c1b540d7c8205c4aa1fa0d3edbf409dc46022ba0add548d73
GET /tag/3xq9rdybkj HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=a9947c9c0dce4e8581bd9aca003a77a8.20220925.20230925; expires=Mon, 25 Sep 2023 19:01:22 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0gqUwYwAAAADa/6Jy/22cS5SjaksX3EWGT1NMMjMxMDUwMjA1MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 25 Sep 2022 19:01:21 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=9c157f8c-308d-422e-ab1b-3ac94261d08e&sid=71474a703d0411edb6acbb7bd6aa4706&vid=714786f03d0411edaf1ae99624b03f3a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=CryptoForHealth.com%20is%20for%20sale&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&r=<=1087&evt=pageLoad&sv=1&rn=860312
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=9c157f8c-308d-422e-ab1b-3ac94261d08e&sid=71474a703d0411edb6acbb7bd6aa4706&vid=714786f03d0411edaf1ae99624b03f3a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=CryptoForHealth.com%20is%20for%20sale&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&r=<=1087&evt=pageLoad&sv=1&rn=860312
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=9c157f8c-308d-422e-ab1b-3ac94261d08e&sid=71474a703d0411edb6acbb7bd6aa4706&vid=714786f03d0411edaf1ae99624b03f3a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=CryptoForHealth.com%20is%20for%20sale&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&r=<=1087&evt=pageLoad&sv=1&rn=860312 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3AD9DEEFB70B624015B2CCC5B65C6333; domain=.bing.com; expires=Fri, 20-Oct-2023 19:01:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58B4847788C44157A8F24FBB6576341E Ref B: OSL30EDGE0412 Ref C: 2022-09-25T19:01:22Z
date: Sun, 25 Sep 2022 19:01:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9f61c5ada09e4fa747144a96e95a943f
e7f3119b4d75a72dd0409673b9789ac1f3233d23
95afa75f054462b0db7b7b59ebadecc07ce8e4eac12b07e76645848983c52bcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/15226519.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15226519.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15226519.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3341613CFD7161A304EB7316FC26605A; domain=.bing.com; expires=Fri, 20-Oct-2023 19:01:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8EAA69ABD5646C4BD78C56E7FA0D425 Ref B: OSL30EDGE0412 Ref C: 2022-09-25T19:01:22Z
date: Sun, 25 Sep 2022 19:01:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5469
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:01:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7d3af2ee9fab725d73a32e769d9b6a88
5a6e540b98b8e96c0971e39ec9a5bde86567dbe9
c3a7b64bf14c5843d488542c79a21fbd0c37c6a01b13ee4e2752aaa6d0338c34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:29:45 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5469
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:01:22 GMT
Connection: keep-alive
www.google.no/pagead/1p-conversion/1030947153/?random=1664132480371&cv=9&fst=1664132480371&num=1&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1030947153/?random=1664132480371&cv=9&fst=1664132480371&num=1&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1030947153/?random=1664132480371&cv=9&fst=1664132480371&num=1&value=0&label=DP_eCJK8xO0BENGCzOsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&auid=1740531873.1664132480&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5469
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:01:22 GMT
Connection: keep-alive
www.google.no/pagead/1p-user-list/1030947153/?random=1664132480381&cv=9&fst=1664132400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=3638585466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1664132480381&cv=9&fst=1664132400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=3638585466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1664132480381&cv=9&fst=1664132400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=3638585466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1664132480368&cv=9&fst=1664132400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&data=ecomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=777323892&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1664132480368&cv=9&fst=1664132400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&data=ecomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=777323892&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1664132480368&cv=9&fst=1664132400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&data=ecomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=777323892&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1664132480379&cv=9&fst=1664132400000&num=1&label=Jf_hCIzXoNECENGCzOsD&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=4082717451&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1664132480379&cv=9&fst=1664132400000&num=1&label=Jf_hCIzXoNECENGCzOsD&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=4082717451&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1664132480379&cv=9&fst=1664132400000&num=1&label=Jf_hCIzXoNECENGCzOsD&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tiba=CryptoForHealth.com%20is%20for%20sale&async=1&fmt=3&is_vtc=1&random=4082717451&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AUP008gGlSrFqpBchTjjVV_XeQ1FJOvQA2r0SZ4mPXl28oorahDozQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 23:04:17 GMT
age: 71825
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5469
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:01:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:35:25 GMT
age: 73557
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 23:04:29 GMT
age: 71813
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: 59b495fa-84c9-49cf-a650-03b0c437aca9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5KBEGWEoAMFocQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d23a0-510ad8241626a21422b23ca1;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:10:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OIXYh4Zely6SqOTmWzrSY_W3-FiNFqNgdzH4BF6GZNUTwFiOJPFYXw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:59:48 GMT
age: 46894
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:46:37 GMT
age: 47685
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-11585500-1&cid=22261511.1664132480&jid=877964074&gjid=204742739&_gid=1481154239.1664132481&_u=aCDAgEADQAAAAG~&z=1512733871
64.233.162.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-11585500-1&cid=22261511.1664132480&jid=877964074&gjid=204742739&_gid=1481154239.1664132481&_u=aCDAgEADQAAAAG~&z=1512733871
IP 64.233.162.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-11585500-1&cid=22261511.1664132480&jid=877964074&gjid=204742739&_gid=1481154239.1664132481&_u=aCDAgEADQAAAAG~&z=1512733871 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Sep 2022 19:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: ea880fac-e784-4640-bdd9-e92b1ec60ca5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tK_G_9IAMF2Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e28ac-5e790cfa224dcf23731b4c31;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:44:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: p-9YGmlS4cf0umEioJuAKcha4JrS0xXmm8ALqCgDiUdWFZOlXztF6w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:51:51 GMT
age: 40171
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1664132480684%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fcryptoforhealth%253Flp%253Dd%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJgGaVj5g6GpAAAAYN2BoZ7eCX--gztmto-VbLjsygtr9-j8VsaIM42EUUomvSZcsTa25PJlPpniA; Max-Age=2592000; Expires=Tue, 25 Oct 2022 19:01:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJ5gaid17iPiwAAAYN2BoZ77G_YL-ex7SRnNZT3ta89vG2oP_vw8yGbpOTBVZas7nyFZhUs_sdDxJOIm91l0w; Max-Age=2592000; Expires=Tue, 25 Oct 2022 19:01:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&fbb37990-4275-401a-8493-6335a80ae3d0"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 25-Sep-2023 19:01:22 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2349:u=1:x=1:i=1664132482:t=1664218882:v=2:sig=AQF7M14H-FagG8rd9duMVc1Gq-McAf_w"; Expires=Mon, 26 Sep 2022 19:01:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXphQl9LZd0P2jvtHvphw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6E9E957F3CBD4A008E25924793B4E002 Ref B: OSL30EDGE0209 Ref C: 2022-09-25T19:01:22Z
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&rl=&if=false&ts=1664132481168&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1664132481167.1384285985&it=1664132480715&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&rl=&if=false&ts=1664132481168&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1664132481167.1384285985&it=1664132480715&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&rl=&if=false&ts=1664132481168&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1664132481167.1384285985&it=1664132480715&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 25 Sep 2022 19:01:22 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 183bb1d95d5f9d2f92660bb80c38143c
76d3028cab692ee9bba86ff3c41d6e65c19ae9bb
22b15b9cacbe432e9199a82ea9b649f63d6550b6bccca3e711ec18d1ec061642
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5174
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:35:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 183bb1d95d5f9d2f92660bb80c38143c
76d3028cab692ee9bba86ff3c41d6e65c19ae9bb
22b15b9cacbe432e9199a82ea9b649f63d6550b6bccca3e711ec18d1ec061642
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:45:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 6c624ca09ab26da2dca3770e5d631ecf
4f35a28b7407293f817b8c52bdf9154320e7d65f
338f426e1384937381a35ce5b6b8afaa302b2c089eb2bd0b4c43cebc6e34fee1
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=66a130aa-9648-4ddc-afc1-ba7a524f7d95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=78cfe4c6-967e-4523-ae3f-e54e6d4bb603&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27
104.244.42.67200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=66a130aa-9648-4ddc-afc1-ba7a524f7d95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=78cfe4c6-967e-4523-ae3f-e54e6d4bb603&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=66a130aa-9648-4ddc-afc1-ba7a524f7d95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=78cfe4c6-967e-4523-ae3f-e54e6d4bb603&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_spZKY5rXMLKQLhfP44PYGg=="; Max-Age=63072000; Expires=Tue, 24 Sep 2024 19:01:22 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d0c3e6ff25fb9d3f
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 427695acd49392c28eb5fa2bc7728e5cf2ca19e2dc628c9f9ec5761cbf9ad758
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=776488579087398&ev=ViewContent&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&rl=&if=false&ts=1664132481171&cd[content_type]=product&cd[content_ids]=%5B%271426948%27%5D&cd[value]=2999&cd[currency]=USD&cd[content_category]=Cryptocurrency%2C%20Blockchain&cd[content_name]=CryptoForHealth.com&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1664132481167.1384285985&it=1664132480715&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776488579087398&ev=ViewContent&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&rl=&if=false&ts=1664132481171&cd[content_type]=product&cd[content_ids]=%5B%271426948%27%5D&cd[value]=2999&cd[currency]=USD&cd[content_category]=Cryptocurrency%2C%20Blockchain&cd[content_name]=CryptoForHealth.com&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1664132481167.1384285985&it=1664132480715&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776488579087398&ev=ViewContent&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&rl=&if=false&ts=1664132481171&cd[content_type]=product&cd[content_ids]=%5B%271426948%27%5D&cd[value]=2999&cd[currency]=USD&cd[content_category]=Cryptocurrency%2C%20Blockchain&cd[content_name]=CryptoForHealth.com&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1664132481167.1384285985&it=1664132480715&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 25 Sep 2022 19:01:22 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 6c624ca09ab26da2dca3770e5d631ecf
4f35a28b7407293f817b8c52bdf9154320e7d65f
338f426e1384937381a35ce5b6b8afaa302b2c089eb2bd0b4c43cebc6e34fee1
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&optOut=false&bust=07809288368970532&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&optOut=false&bust=07809288368970532&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&optOut=false&bust=07809288368970532&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:22 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: b1199d6e3ca96ccff4d04ebe2b4598ec
content-encoding: gzip
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5a5bc7bc18fa5db6a502df43174a365ad75562891664132481
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5a5bc7bc18fa5db6a502df43174a365ad75562891664132481
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=5a5bc7bc18fa5db6a502df43174a365ad75562891664132481 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1477
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
64.202.112.63200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
IP 64.202.112.63:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:22 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 74e176371cb865f6df9a6839f67415a8
content-encoding: gzip
tags.srv.stackadapt.com/sa.jpeg
52.21.81.76200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 52.21.81.76:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash c152e4e1b3691af833f339a0caac6c32
257e337aba0723f8c7e839ff126cb5c83e3e52fc
b58641de13f60d5d9e785b392ed14a85de93982125807f48682903811e669993
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Sun, 25 Sep 2022 19:01:22 GMT
Content-Length: 651
Connection: keep-alive
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&t=CryptoForHealth.com%20is%20for%20sale&tip=gOJWQh4WS548vUnmXyjKuPDTeWsnYWCURjWgkk8_HiY&host=https://www.squadhelp.com&sa-user-id-v2=s%253A0-41c498ce-90bb-40b7-6293-a110ac65c75c%2524ip%252491.90.42.154.9DyGmogIQKyGUGSNbTMrxziF%252BZdFR5qDOxn3s97SnZE&sa-user-id=s%253A0-41c498ce-90bb-40b7-6293-a110ac65c75c.M6yMbfplcR%252FqRpf1QJPX0K2XYbOpBY%252BI9tN0aDF4rvw
52.21.81.76200 OK 116 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&t=CryptoForHealth.com%20is%20for%20sale&tip=gOJWQh4WS548vUnmXyjKuPDTeWsnYWCURjWgkk8_HiY&host=https://www.squadhelp.com&sa-user-id-v2=s%253A0-41c498ce-90bb-40b7-6293-a110ac65c75c%2524ip%252491.90.42.154.9DyGmogIQKyGUGSNbTMrxziF%252BZdFR5qDOxn3s97SnZE&sa-user-id=s%253A0-41c498ce-90bb-40b7-6293-a110ac65c75c.M6yMbfplcR%252FqRpf1QJPX0K2XYbOpBY%252BI9tN0aDF4rvw
IP 52.21.81.76:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9e29b9729014a4e6a0f9acf522daa07d
7ecad4e87388022ea224a8752b5ccf02aa3abcac
65d6fc76a8f26596cce60b33939093689c23e38cdc324343e82b3e7951ea84a1
GET /saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&t=CryptoForHealth.com%20is%20for%20sale&tip=gOJWQh4WS548vUnmXyjKuPDTeWsnYWCURjWgkk8_HiY&host=https://www.squadhelp.com&sa-user-id-v2=s%253A0-41c498ce-90bb-40b7-6293-a110ac65c75c%2524ip%252491.90.42.154.9DyGmogIQKyGUGSNbTMrxziF%252BZdFR5qDOxn3s97SnZE&sa-user-id=s%253A0-41c498ce-90bb-40b7-6293-a110ac65c75c.M6yMbfplcR%252FqRpf1QJPX0K2XYbOpBY%252BI9tN0aDF4rvw HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.squadhelp.com
Content-Type: text/plain; charset=utf-8
Date: Sun, 25 Sep 2022 19:01:22 GMT
Content-Length: 116
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 6c624ca09ab26da2dca3770e5d631ecf
4f35a28b7407293f817b8c52bdf9154320e7d65f
338f426e1384937381a35ce5b6b8afaa302b2c089eb2bd0b4c43cebc6e34fee1
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1664132480684%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fcryptoforhealth%253Flp%253Dd%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1664132480684%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fcryptoforhealth%253Flp%253Dd%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1664132480684%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fcryptoforhealth%253Flp%253Dd%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&ac55341e-9880-4817-8d94-364502d9564e"; Domain=.linkedin.com; Expires=Mon, 25-Sep-2023 19:01:22 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202209251901227e8187cd-6f1d-4a3e-841c-d6eca34b8094AQFeapevGbuEjuKBhBU6oliN58AgkGnb"; Domain=.www.linkedin.com; Expires=Mon, 25-Sep-2023 19:01:22 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjQxMzI0ODI7MjswMjGbZXDf2VS0riTtvBDlfu70cC5OrqGWcNRdwrn/v7J5nw==; Domain=.linkedin.com; Expires=Fri, 24 Mar 2023 19:01:22 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2349:u=1:x=1:i=1664132482:t=1664218882:v=2:sig=AQF7M14H-FagG8rd9duMVc1Gq-McAf_w"; Expires=Mon, 26 Sep 2022 19:01:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXphQmAmVfJ/0D9OIV6+w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B8E0590014634B56B149A19255D80FC9 Ref B: OSL30EDGE0209 Ref C: 2022-09-25T19:01:22Z
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 0
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 828
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 19:01:22 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1664132480684&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&4a92c829-9a46-452f-86d4-e801491815bc"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 25-Sep-2023 19:01:23 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2349:u=1:x=1:i=1664132483:t=1664218883:v=2:sig=AQHydpL4BwrpFLGpUVeBkvt84ClC7KKi"; Expires=Mon, 26 Sep 2022 19:01:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXphQmEOKbQuiur3585fQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A1A29586A18C4390BF2FF8D2BF9AF9A6 Ref B: OSL30EDGE0209 Ref C: 2022-09-25T19:01:23Z
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 0
X-Firefox-Spdy: h2
widget.intercom.io/widget/ld9mkn53
54.230.111.95302 Found 0 B URL HTTP/2 widget.intercom.io/widget/ld9mkn53
IP 54.230.111.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/ld9mkn53 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://js.intercomcdn.com/shim.latest.js
date: Thu, 15 Sep 2022 19:18:38 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I5MkASBA52Y1VwwiAnbiIXzhCxRBD1DrM4dnwiyg9-KDhoqrOuBnuA==
age: 862966
X-Firefox-Spdy: h2
js.intercomcdn.com/shim.latest.js
54.230.111.84200 OK 6.2 kB URL HTTP/2 js.intercomcdn.com/shim.latest.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash 78e5fa5780a095f31cd5ad256609db60
bc268b805d2bdd61437de79b38de1c27d16060bd
dbf5cace47334b0e3b1972da94b7a1d4a64e3c517ee3699c3bcf9a88a75e9d9c
GET /shim.latest.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6170
last-modified: Fri, 23 Sep 2022 14:33:24 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: dohpLQMJATrJhKVWci90uJsHoPft_NB6
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 19:01:07 GMT
cache-control: max-age=300, s-maxage=300, public
etag: "78e5fa5780a095f31cd5ad256609db60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5SJjVpJiWNWbvBxXSzFcK86TSixC9DR2A2gh2QwJaUdfbUCtUtgn4A==
age: 17
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.d3f71718.js
54.230.111.84200 OK 130 kB URL HTTP/2 js.intercomcdn.com/frame.d3f71718.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129676 bytes)
Hash b9494458865666162b3a68d85fc9daa7
8e007cacbb8b9510edf2d4e4f46868bc7abdd7e0
82c3cdb5c762cdaaed36cfd9c946c9fc7012f284a5d42bbd351547fc7d71cbe1
GET /frame.d3f71718.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 129676
last-modified: Fri, 23 Sep 2022 14:31:56 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: jEj7i7pT6cAf82x31Uac6hrRy4xnf5kB
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 18:33:30 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "b9494458865666162b3a68d85fc9daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UpuDXqXJQrtqmDMWHpQDhpsh5e4bGX4QP8i-aUGV4qJfVCy2J8uksw==
age: 1674
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
script.fixel.ai/script/Fixel.min.js
54.230.111.89200 OK 0 B URL HTTP/2 script.fixel.ai/script/Fixel.min.js
IP 54.230.111.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/Fixel.min.js HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 31 May 2021 09:44:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qn3ku6T2KTYfiw1ZK.qbHtFFDfyG1XJc
server: AmazonS3
content-encoding: gzip
date: Sun, 25 Sep 2022 19:01:23 GMT
etag: W/"bd757ff2fd05d44091740f66680801be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cikSiUnO7iI3e4z8obzE0pV-meg-4dVau5U3rBlzwjlCb1tNfLsngA==
age: 452
X-Firefox-Spdy: h2
script.fixel.ai/config/FXL-1150-2383.json
54.230.111.89200 OK 152 B URL HTTP/2 script.fixel.ai/config/FXL-1150-2383.json
IP 54.230.111.89:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 651a6d3ba7143f83f44261232093a38c
43e11c4cc441663daf605df0414947c8756f2155
7a5cfb625e89e99af010b95040c9b9fdd6f518b9b87da64206c00fbb120933d1
GET /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 152
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 01 Feb 2021 10:13:36 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VlbH.UIcLlGlg9QOIym1wMb.PKZS9R_3
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 19:01:23 GMT
etag: "651a6d3ba7143f83f44261232093a38c"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KH7iP6OCZAEF7utsCjCvmrMgTZoaFWvuPsfEnjlT3wEWEqk2BOt3pQ==
age: 454
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/en.build.json
83.229.67.229200 OK 26 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP 83.229.67.229:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash a794966095fddedc631000bb665b3bb2
705acbb941f0c236beb8e7bc03da62b151a78e3a
f9ed6ed6fdedfeab5d889c75f05def886756fbe973ba25c3a7e01c59cfc5ce83
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 26 Sep 2022 19:01:23 GMT
content-type: application/json
last-modified: Wed, 31 Aug 2022 21:36:03 GMT
etag: "3b1ca-630fd443-839d4683053c3f7b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25691
date: Sun, 25 Sep 2022 19:01:23 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
trc.taboola.com/1344021/trc/3/json?tim=1664132480693&data=%7B%22id%22%3A530%2C%22ii%22%3A%22%2Fname%2Fcryptoforhealth%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664132480688%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2FCryptoForHealth%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664132480693%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A12%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1344021/trc/3/json?tim=1664132480693&data=%7B%22id%22%3A530%2C%22ii%22%3A%22%2Fname%2Fcryptoforhealth%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664132480688%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2FCryptoForHealth%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664132480693%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A12%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash 55c97680583261075c85f646c160cb15
074b64e66a1243473cc2f9c5b3120771824d8096
cd064bc18cafd9a48351d335858a6c80a97d655429502aaccc19bf634311cb09
GET /1344021/trc/3/json?tim=1664132480693&data=%7B%22id%22%3A530%2C%22ii%22%3A%22%2Fname%2Fcryptoforhealth%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664132480688%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2FCryptoForHealth%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664132480693%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A12%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664132483.521261,VS0,VE96
vary: Accept-Encoding
x-vcl-time-ms: 96
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:01:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 2754
x-timer: S1664132484.576379,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&RedC=c.clarity.ms&MXFR=2EB0BF674E8A6F011F81AD4D4A8A61FD
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2EB0BF674E8A6F011F81AD4D4A8A61FD; domain=.clarity.ms; expires=Fri, 20-Oct-2023 19:01:23 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 25 Sep 2022 19:01:23 GMT
content-length: 0
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
142.250.74.163200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
IP 142.250.74.163:0
File type ASCII text, with very long lines (52762), with no line terminators
Hash f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/css
age: 37673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0cef234c6faf10617bf293173b24ca5b
a17090860c96476f10920527171270a78df90be6
9ee0161e298ac539f36f613a9b0ef7b128c28ec6559492d34b50a2b863dae9c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:01:23 GMT
Last-Modified: Sun, 25 Sep 2022 17:32:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
c.bing.com/c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&RedC=c.clarity.ms&MXFR=2EB0BF674E8A6F011F81AD4D4A8A61FD
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&RedC=c.clarity.ms&MXFR=2EB0BF674E8A6F011F81AD4D4A8A61FD
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&RedC=c.clarity.ms&MXFR=2EB0BF674E8A6F011F81AD4D4A8A61FD HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&MUID=08ACF1BC430B6957157DE396425C68A5
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=08ACF1BC430B6957157DE396425C68A5; domain=c.bing.com; expires=Fri, 20-Oct-2023 19:01:23 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6AE4E22120BF433C89C8D67C13607F97 Ref B: OSL30EDGE0412 Ref C: 2022-09-25T19:01:23Z
date: Sun, 25 Sep 2022 19:01:22 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8ecfb3d5dbc9e16472b9707b0b489877
fbcba25bc138213ced948347be923b50a3816505
16224ca9732609f61ffc83d3f57450f1f1c322f74a58f1c8a170b131cb6768a5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 19:01:23 GMT
Last-Modified: Sun, 25 Sep 2022 17:58:56 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TyxsyKg-VwSr4EQ1XcbEjlqkB2Omf_MKCUAoRSBPT5Gxe8soWhld-Q==
Age: 3747
c.clarity.ms/c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&MUID=08ACF1BC430B6957157DE396425C68A5
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&MUID=08ACF1BC430B6957157DE396425C68A5
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=00D84BBBB5854951ABD6A74BD9AAD267&MUID=08ACF1BC430B6957157DE396425C68A5 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 25-Sep-2022 19:11:23 GMT; path=/; SameSite=None; Secure;
date: Sun, 25 Sep 2022 19:01:23 GMT
content-length: 42
X-Firefox-Spdy: h2
api.fixelapp.com/api/v2/grade/FXL-1150-2383
54.236.160.208200 OK 91 B URL HTTP/1.1 api.fixelapp.com/api/v2/grade/FXL-1150-2383
IP 54.236.160.208:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d118754c636ddeb93dd14c746fb87df6
d89f015987af7821d85721c401870ae22e09a3bd
01e0937e46605255dd4d6787dafcb7f62e2ff30ba9ce94379ffee5bbc6ec7381
POST /api/v2/grade/FXL-1150-2383 HTTP/1.1
Host: api.fixelapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 441
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Date: Sun, 25 Sep 2022 19:01:23 GMT
ETag: W/"5b-2J8BWYeveCHYVyHEAYcK4i4Jo70"
Server: nginx/1.18.0
X-Powered-By: Express
Content-Length: 91
Connection: keep-alive
bam.nr-data.net/1/a159e7928d?a=126710130&v=1216.487a282&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=3868&ck=1&ref=https://www.squadhelp.com/name/cryptoforhealth&ap=124&be=611&fe=3472&dc=1078&perf=%7B%22timing%22:%7B%22of%22:1664132478242,%22n%22:0,%22f%22:323,%22dn%22:327,%22dne%22:358,%22c%22:358,%22s%22:384,%22ce%22:475,%22rq%22:475,%22rp%22:583,%22rpe%22:583,%22dl%22:595,%22di%22:957,%22ds%22:1077,%22de%22:1087,%22dc%22:3471,%22l%22:3471,%22le%22:3476%7D,%22navigation%22:%7B%7D%7D&fcp=961&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/a159e7928d?a=126710130&v=1216.487a282&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=3868&ck=1&ref=https://www.squadhelp.com/name/cryptoforhealth&ap=124&be=611&fe=3472&dc=1078&perf=%7B%22timing%22:%7B%22of%22:1664132478242,%22n%22:0,%22f%22:323,%22dn%22:327,%22dne%22:358,%22c%22:358,%22s%22:384,%22ce%22:475,%22rq%22:475,%22rp%22:583,%22rpe%22:583,%22dl%22:595,%22di%22:957,%22ds%22:1077,%22de%22:1087,%22dc%22:3471,%22l%22:3471,%22le%22:3476%7D,%22navigation%22:%7B%7D%7D&fcp=961&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/a159e7928d?a=126710130&v=1216.487a282&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=3868&ck=1&ref=https://www.squadhelp.com/name/cryptoforhealth&ap=124&be=611&fe=3472&dc=1078&perf=%7B%22timing%22:%7B%22of%22:1664132478242,%22n%22:0,%22f%22:323,%22dn%22:327,%22dne%22:358,%22c%22:358,%22s%22:384,%22ce%22:475,%22rq%22:475,%22rp%22:583,%22rpe%22:583,%22dl%22:595,%22di%22:957,%22ds%22:1077,%22de%22:1087,%22dc%22:3471,%22l%22:3471,%22le%22:3476%7D,%22navigation%22:%7B%7D%7D&fcp=961&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:01:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75060217aa860afe-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=3791bbef2a82c03; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1711&scd=12&ssd=1&est=1664132480690&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664132482402&vi=1664132480688&ri=e945a460fd95ea1a65e9de4556905499&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1711&scd=12&ssd=1&est=1664132480690&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664132482402&vi=1664132480688&ri=e945a460fd95ea1a65e9de4556905499&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=1711&scd=12&ssd=1&est=1664132480690&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664132482402&vi=1664132480688&ri=e945a460fd95ea1a65e9de4556905499&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 19:01:24 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1282
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 19:01:23 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 181116
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 19:01:24 GMT
X-Firefox-Spdy: h2
nexus-websocket-a.intercom.io/pubsub/5-LtK_ugnP4Q5CboP4VMTkDsSiR8oOiSBg3SELOkE2QMrTIbNspOiOCxN5YySrXTCGP_z6JEAk4vv3mEsDkBsOo5Cczek_v7-9bxr3?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
34.237.73.95101 Switching Protocols 0 B URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-LtK_ugnP4Q5CboP4VMTkDsSiR8oOiSBg3SELOkE2QMrTIbNspOiOCxN5YySrXTCGP_z6JEAk4vv3mEsDkBsOo5Cczek_v7-9bxr3?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 34.237.73.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-LtK_ugnP4Q5CboP4VMTkDsSiR8oOiSBg3SELOkE2QMrTIbNspOiOCxN5YySrXTCGP_z6JEAk4vv3mEsDkBsOo5Cczek_v7-9bxr3?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.squadhelp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vy6/E3bvexagDg9s+JyAoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 25 Sep 2022 19:01:24 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oNE3grI5sCLGyonY+rtSRk6aZPM=
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4717&scd=12&ssd=1&est=1664132480690&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664132485407&vi=1664132480688&ri=e945a460fd95ea1a65e9de4556905499&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4717&scd=12&ssd=1&est=1664132480690&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664132485407&vi=1664132480688&ri=e945a460fd95ea1a65e9de4556905499&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=4717&scd=12&ssd=1&est=1664132480690&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664132485407&vi=1664132480688&ri=e945a460fd95ea1a65e9de4556905499&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fcryptoforhealth%3Flp%3Dd HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 19:01:26 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 84146
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 19:01:27 GMT
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
52.21.72.251200 OK 0 B URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 52.21.72.251:0
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 369
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:24 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1664132490
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13318
access-control-allow-origin: https://www.squadhelp.com
vary: Accept,Accept-Encoding
x-intercom-version: 6bfa21029297348698a2db16e38de5daa3cceae4
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 0003bo9fpu0233r87keg
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"8dd90896f48055aa6ce470fd4f964ad6"
x-runtime: 0.540045
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0e4eed92dc7cf8528
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600;700;800;900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600;700;800;900&display=swap
IP 142.250.74.10:0
GET /css2?family=Raleway:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 19:01:20 GMT
date: Sun, 25 Sep 2022 19:01:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.chargebee.com/v2/114-787c2db90758610b8972.js
143.204.55.13200 OK 0 B URL HTTP/2 js.chargebee.com/v2/114-787c2db90758610b8972.js
IP 143.204.55.13:0
GET /v2/114-787c2db90758610b8972.js HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 10:33:55 GMT
x-amz-version-id: 9ozn_gZ1EBCpkLIjg.sWikBOe0wVDov6
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 25 Sep 2022 18:56:34 GMT
cache-control: max-age=300,public
etag: W/"551324fc93e524172a80142c7ac6308e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ghb8oS09FWmux1hyatT-0J14b5J3oj8Efgfbi-X-E_NYR7vc9DvoXQ==
age: 286
X-Firefox-Spdy: h2
js.chargebee.com/v2/126-6b491c679ba93a82f801.js
143.204.55.13200 OK 0 B URL HTTP/2 js.chargebee.com/v2/126-6b491c679ba93a82f801.js
IP 143.204.55.13:0
GET /v2/126-6b491c679ba93a82f801.js HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.chargebee.com/v2/master-462d72037425e5b57d4075564816847f.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 10:33:55 GMT
x-amz-version-id: ZsrQgwmTV_o_aNy.hmK4eVs5azyiiI7I
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 25 Sep 2022 18:58:04 GMT
cache-control: max-age=300,public
etag: W/"944ab4403cc2f30eef7954d7a5da9d59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QPJ9vhFoX0cHVRviPUd7FTEiHqVoOXqjEdRR7I_1HmRHl7Sk46_nIw==
age: 198
X-Firefox-Spdy: h2
js.chargebee.com/v2/130-7c8f72d726fc8f47a6d9.js
143.204.55.13200 OK 0 B URL HTTP/2 js.chargebee.com/v2/130-7c8f72d726fc8f47a6d9.js
IP 143.204.55.13:0
GET /v2/130-7c8f72d726fc8f47a6d9.js HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.chargebee.com/v2/master-462d72037425e5b57d4075564816847f.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 10:33:55 GMT
x-amz-version-id: 07zbwq9IGZ1JZaHLSqqTDKJz563zS5md
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 25 Sep 2022 19:01:13 GMT
cache-control: max-age=300,public
etag: W/"28f8e153e68b5931c991dc38cd63345e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ClpHMNLeii5Nge0VVn0YjpWOmoVwHb20S99V7yWqpaDgNUAL3ejb5w==
age: 11
X-Firefox-Spdy: h2
www.squadhelp.com/var/a1513cb569363f3d9b933bba37770c90.css
192.124.249.108200 OK 0 B URL HTTP/2 www.squadhelp.com/var/a1513cb569363f3d9b933bba37770c90.css
IP 192.124.249.108:0
GET /var/a1513cb569363f3d9b933bba37770c90.css HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/cryptoforhealth?lp=d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: text/css
x-sucuri-id: 19008
last-modified: Sat, 23 Jul 2022 22:04:53 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"62dc7085-33f89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
x-sucuri-cache: HIT
X-Firefox-Spdy: h2
js.chargebee.com/v2/master-b064c1e4493974d651d5.js
143.204.55.13200 OK 0 B URL HTTP/2 js.chargebee.com/v2/master-b064c1e4493974d651d5.js
IP 143.204.55.13:0
GET /v2/master-b064c1e4493974d651d5.js HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.chargebee.com/v2/master-462d72037425e5b57d4075564816847f.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 10:33:55 GMT
x-amz-version-id: NyyqXN5P0YyIJLRyYCcng9eH9YFZwotR
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 25 Sep 2022 18:57:05 GMT
cache-control: max-age=300,public
etag: W/"15d1ae8d4ccbe48430fefe794408800b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gu3ePscXJh7dr7uJq4YnwrFZB_WGGoOlSX97R5LdENmtKHsDX89YCg==
age: 257
X-Firefox-Spdy: h2
a.quora.com/qevents.js
162.159.152.17200 OK 0 B IP 162.159.152.17:0
GET /qevents.js HTTP/1.1
Host: a.quora.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: text/plain
x-amz-id-2: jHbk68zF0oCrN99I6TpiQ8LNg0dDTKL0BkbZQKZkL1zB85BMiiIcpjSQWNebJHGDeWUqTCN88Lg=
x-amz-request-id: 4K18RXATE8CH2H8E
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
cache-control: public, max-age=14400
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
cf-cache-status: HIT
age: 4545510
expires: Sun, 25 Sep 2022 23:01:20 GMT
set-cookie: __cf_bm=Q06JSJJXLxitujE86rjf6LZtKuZeKFGczPAu4yGIY0A-1664132480-0-AYWC+/PZROSpv7xi+BWh91LtqelmiGbVCs7sKKGE9O3Yfi/sn1gMFat3Qi1wnO7TX79+Bp2BBl5THAICIf46gvQ=; path=/; expires=Sun, 25-Sep-22 19:31:20 GMT; domain=.quora.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 750602048c18fac8-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:01:20 GMT
content-type: text/css
x-amz-id-2: xLZzNn1U+hfrElfXSwYEn99sQ3GekuZ9YQLBx9h9Zz970hQ7B2qMewFs88973iZxl9siwAAxNj0=
x-amz-request-id: 2HZP1MYC91V1HPAK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:15 GMT
etag: W/"251d28bd755f5269a4531df8a81d5664"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28870479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3%2B7KRwZqT7WJc6hkgg4tDLe%2BF0523LmzsNlrFuZLSX%2BnTz3nL3LtS195kuqgmljrFRcHHNLt2If%2B%2F8eT0mX5ybdlcS5lkM3iiMKUGhzWdrL9BCYk8Pf4DInYhC2dvxlpfKZi3WH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750602035c6776ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:11:34 GMT
expires: Fri, 22 Sep 2023 07:11:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 301789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.219.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0gqUwYwAAAADAQM/n4/l5R6+gAQlsthMtT1NMMjMxMDUwMjA1MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 25 Sep 2022 19:01:21 GMT
X-Firefox-Spdy: h2