Report - www.artsforallpdx.org/

Report Overview

Submitted URL
www.artsforallpdx.org/
IP
104.21.63.182
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-08 22:13:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	6.9 kB	54.230.111.119
tags.srv.stackadapt.com	3857	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	7.5 kB	54.243.239.236
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.6 kB	13.107.42.14
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	653 B	349 B	157.240.221.35
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	732 B	141.226.228.48
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	747 B	148 kB	54.230.111.33
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.9 kB	143.204.42.165
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	28 kB	157.240.221.16
www.artsforallpdx.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.3 kB	172.67.171.154
acsbapp.com	5220	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	143 kB	104.238.215.8
api.fixelapp.com	70153	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	327 B	34.193.248.175
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	11 kB	151.101.194.137
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	64.233.165.157
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	890 B	514 B	162.247.241.14
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	918 B	572 B	20.75.32.255
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	554 B	151.101.193.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	61 kB	34.120.237.76
www.squadhelp.com	185777	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	322 kB	104.22.53.96
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	19 kB	151.101.193.44
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	677 B	564 B	216.239.34.36
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	747 B	593 B	104.244.42.69
nexus-websocket-a.intercom.io	2137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	735 B	281 B	35.174.127.31
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	756 B	2.8 kB	13.107.246.53
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
script.fixel.ai	59005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	96 kB	54.230.111.88
cdn.acsbapp.com	5589	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	27 kB	104.238.215.8
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	3.1 kB	142.250.74.67
www.linkedin.com	608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	614 B	2.6 kB	13.107.42.14
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	728 B	95.101.11.115
amplify.outbrain.com	2255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	5.7 kB	2.18.173.74
alb.reddit.com	1521	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	276 B	151.101.129.140
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	764 B	613 B	104.244.42.131
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	487 B	795 B	204.79.197.200
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.33.119.27
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	13 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.215.91.121
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	990 B	919 B	54.230.111.42
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	847 B	1.2 kB	20.234.93.27
tr.outbrain.com	2017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	491 B	64.202.112.95
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.6 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	106 kB	142.250.74.168
q.quora.com	3239	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505 B	418 B	52.72.186.224
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	4.9 kB	95.101.11.48
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	5.5 kB	142.250.74.34
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	16 kB	151.101.84.157
api-iam.intercom.io	2892	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	2.7 kB	3.93.95.179
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.4 kB	204.79.197.200
web1.acsbapp.com	37191	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	1.6 kB	138.128.247.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	www.artsforallpdx.org/	Malware
2022-12-08	medium	www.artsforallpdx.org/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (62)

	URL	Size	First Seen	Last Seen
	www.squadhelp.com/var/8f6aff5a9ea5c7dad1670a08e291772e.js	290 kB	2023-03-08	2023-03-08
Pretty URL www.squadhelp.com/var/8f6aff5a9ea5c7dad1670a08e291772e.js IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:21:12 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 8f6aff5a9ea5c7dad1670a08e291772e 4af66415e1fd25787ed8fdd7a675fba7bb1f6686 57c4ea3bb50049149afc7830be27bd81e05bfe71333a8dd75b0307d6e3232470 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585504&cv=11&fst=1670537585504&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&rfmt=3&fmt=4	1.9 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585504&cv=11&fst=1670537585504&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 008b303f9ebeaf7062bd3246063fd64f 0b84e5195077717f7a6f3140940cbf04f486964b cb495137ef66352a105c72d846a755c98af45c78f7b40f7e89fa922fc4465bf9 Loading...

	www.google-analytics.com/gtm/js?id=GTM-PZ8ZGQF&cid=171965940.1670537586	112 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/js?id=GTM-PZ8ZGQF&cid=171965940.1670537586 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 837392cc257af4061cd798064e506d54 7e7917d7c5b27190daec636c045408333b83b077 17320225e14749e75e24b790a25bc5b47d82b62474b09c4c068487a6184058bd Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	698 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:14 Times Seen612 Hash abd3e4a56f31122358e76ce314586964 833a4577da024480599a9d74bfa90f709ac5b95e ccf6bd94403339d72d3400da5a569e9c114e6069a97f1c8e64b53ec68bfc263f Loading...

	js.intercomcdn.com/frame.5f515a49.js	526 kB	2023-03-08	2023-03-08
Pretty URL js.intercomcdn.com/frame.5f515a49.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:21:12 Last Seen2023-03-08 22:50:16 Times Seen1 Hash ce72c4bac61a4aa654a9522c739497aa 1968428985dda10acffa2aee51fb6192f61448b6 32a784de963c46ed976d99b780fec2fc926326595a5cb149ff4b467ce9c0f01b Loading...

	acsbapp.com/apps/app/dist/js/app.js	436 kB	2023-03-08	2023-03-09
Pretty URL acsbapp.com/apps/app/dist/js/app.js IP 104.238.215.8 ASN #36007 KAMATERA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:46:31 Last Seen2023-03-09 02:40:45 Times Seen1 Hash c0eebf5dc17fe1e0a64987e158635a23 708d46a6c4c91ebb5c2cc497bde8168d85f60bd4 45aafd439744b40486fc39b5a705d44d3cadf5e9c288952aee5b2cdef6b98ca8 Loading...

	trc.taboola.com/1344021/trc/3/json?tim=1670537586377&data=%7B%22id%22%3A431%2C%22ii%22%3A%22%2Fname%2Fartsforallpdx.org%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670537586367%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670537586377%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.6 kB	2023-03-08	2023-03-08
Pretty URL trc.taboola.com/1344021/trc/3/json?tim=1670537586377&data=%7B%22id%22%3A431%2C%22ii%22%3A%22%2Fname%2Fartsforallpdx.org%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670537586367%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670537586377%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 648286fd5e9c24a69667f2323ccb8245 2b27aca0fd75c7cfbb1c3c9c74bedd9bd676ccbc 97770f138bc825cb5bf009bcc550b62f78fa2ebaf69f3ee1aa8bd8c509f98fe7 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	724 B	2023-03-08	2023-03-12
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:21:12 Last Seen2023-03-12 07:06:57 Times Seen1 Hash 193d5f59c6de8a88f20c88dbde7094cf 975810cc5d07299b33c7516fd830543922f3d58a 8bb16e4f80ba1fe42f39b950016056e8ccbda310b3d45e7d8388ccbc834680b9 Loading...

	www.redditstatic.com/ads/pixel.js	25 kB	2023-03-08	2023-12-01
Pretty URL www.redditstatic.com/ads/pixel.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-12-01 19:12:11 Times Seen28 Hash c1c34430d39fb43c9612aebe7ab8a9db 4d7f5cb7b29685a3a5a51c140288465e9553a0a7 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	139 B	2023-03-08	2023-06-09
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:48:02 Last Seen2023-06-09 07:46:32 Times Seen22 Hash cd806d3388876cc2967c76deef2e5cc9 a498bd81e6987e1bd58c8bac06c8cc4acfec4a3d b7ac31b6814fc6c4b73db6d2fc751c8c3e4dbda3057cb4132e01b81a47087f62 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-12
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 95.101.11.48 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:40 Last Seen2023-03-12 12:54:15 Times Seen1 Hash 795b6295a518e0a829d7b29695163231 9cada4433e63280a008cbb0a2a0bdb5af5e57206 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c Loading...

	js-agent.newrelic.com/290.2d6a2503-1220.js	8.6 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/290.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 13898fbb4d7a1f83fc6722c4c12faf40 4be4e86a3b56733c67c789223989450b6d0ef351 e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b Loading...

	js-agent.newrelic.com/768.2d6a2503-1220.js	5.6 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/768.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash d6cc8b42eda6fd7734014b03b87b5787 c0e66d0f7274bbb6404012b6b57ff74333818a13 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5 Loading...

	www.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-25
Pretty URL www.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 01:41:32 Times Seen43077 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	www.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL www.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 03:31:31 Times Seen54884 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	56 B	2023-03-07	2024-04-24
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:50 Last Seen2024-04-24 18:57:16 Times Seen870 Hash 8f4922fb31b62ff8d488fc268afb7888 10c55c702fbf04e6bc65d18fe606a0b5d716d965 7d00d8d5526624338907213c65a10f69fd9b329cf8f0bfa19a19060448c079f8 Loading...

	widget.intercom.io/widget/ld9mkn53	19 kB	2023-03-08	2023-03-08
Pretty URL widget.intercom.io/widget/ld9mkn53 IP 54.230.111.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:30:01 Last Seen2023-03-08 22:52:06 Times Seen1 Hash 082cbbf6201c02865a3c80bb7cb3d3fa 345a07e8af07378242a029fed22bff4a5c422ca5 96e3806de1e388b0d157ba945f74b300f84a8b92189724ef2fc40257f6f78ecb Loading...

	connect.facebook.net/signals/config/776488579087398?v=2.9.89&r=stable	301 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/776488579087398?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash d09a1c39dfdd3903c98585d93e68755a e8b676cfe6bd6dc9530ecfaa390fe7aec809df6d e45a0a4331bd13b853deda616f4213c6444de979a1911b3af8efa592dc81a3fa Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585650&cv=11&fst=1670537585650&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585650&cv=11&fst=1670537585650&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 92abee48fa748b25d9c0f6ee1a0bc456 353c0559fd7b2dda4bc7904dd9cebfab4f20e6a3 4b03060d8c6c643adf7cd3bd2599a88e47ac2e5274cda639b78033d889143a59 Loading...

	www.clarity.ms/eus2/s/0.6.43/clarity.js	55 kB	2023-03-08	2023-10-23
Pretty URL www.clarity.ms/eus2/s/0.6.43/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-10-23 15:37:18 Times Seen9 Hash 441723b72633b1ac9757ad7c63168005 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 Loading...

	tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc IP 64.202.112.95 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	523 B	2023-03-08	2024-02-07
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:10:14 Last Seen2024-02-07 10:32:02 Times Seen312 Hash a595b2d8385684304b20ca188de913e4 7bb7a1357d3bc1967c3e68486f2e7d001ea8fedb 35cc2d740f38a45bdb7a8cf68051f52441c5519804efc8ebbd3f12cd50d6eae4 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	1.2 kB	2023-03-08	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:10:14 Last Seen2024-02-28 15:31:13 Times Seen587 Hash 89583f8a2f18a575a7261234a7f5e512 632ca4853ca683a1ef953c4c1d0e18f207cb072c a8d77e92a41bf7dec1ceea98583feab99fc46f5fc7b90ab0e0c9945b9333d17e Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	266 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:15 Times Seen437 Hash 57fd7541932e9e18cbdff51af3024ff2 b3d11c3a8128d75b86e8e08a21296f0da5472e72 b38b9b65b83d24eb3d98067c9e964f63f3fa55d81114a7a305cea39a7f157d78 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	575 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:15 Times Seen611 Hash 3a64a6a67fe1528ac513c0013adaac95 5fd26365e0dea47e4c8aa8d72dc14ef40430ad26 480841d7888b57ac3725901c893144777dacde40930d969251d1bf0fb229f218 Loading...

	cdn.taboola.com/libtrc/unip/1344021/tfa.js	59 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/unip/1344021/tfa.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:22:29 Last Seen2023-03-08 22:50:16 Times Seen1 Hash a446bdcc0bce0eccb7b6c389a759ec18 c7df698d2420bf4e29a84aa17a0fa44e4890b9e0 1ad6f1f5281e956e334fb1b6a08d0d7b5c92bb3460c5c36fe70cf2283f40acec Loading...

	js-agent.newrelic.com/368.2d6a2503-1220.js	3.5 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/368.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 16b4f3676c3859e1378a2ccdebbad675 e08f86ca1dc56c2ed885404d2819f540c7905cae b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	398 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:15 Times Seen611 Hash 3dc45c4b7638344d8a61665b9b50d812 b8a1d9d8ce710e3bcc92ffdf7e1dd83e671e8293 6f1710928779862e2434a0b272c2b110aed15fd6f9aa05bb4a408afcf341ec91 Loading...

	www.googletagmanager.com/gtag/js?id=G-VJ36JWQDE1&l=dataLayer&cx=c	218 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-VJ36JWQDE1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 18f53a013e4496d565d8422c48abe985 b20764cba49636598bf6550c0db04c381f8efa46 2813e413f9a27f4a8f3ec92ade887e4c565e54c6a1b9799d1ebe846d9178d113 Loading...

	bam.nr-data.net/1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4520&ck=0&s=6350f223875c0d0b&ref=https://www.squadhelp.com/name/artsforallpdx.org&ap=384&be=2773&fe=94&dc=82&perf=%7B%22timing%22:%7B%22of%22:1670537582465,%22n%22:0,%22f%22:950,%22dn%22:952,%22dne%22:980,%22c%22:980,%22s%22:983,%22ce%22:1093,%22rq%22:1093,%22rp%22:2487,%22rpe%22:2487,%22dl%22:2498,%22di%22:2697,%22ds%22:2732,%22de%22:2734,%22dc%22:2767,%22l%22:2767,%22le%22:2785%7D,%22navigation%22:%7B%7D%7D&fcp=2688&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4520&ck=0&s=6350f223875c0d0b&ref=https://www.squadhelp.com/name/artsforallpdx.org&ap=384&be=2773&fe=94&dc=82&perf=%7B%22timing%22:%7B%22of%22:1670537582465,%22n%22:0,%22f%22:950,%22dn%22:952,%22dne%22:980,%22c%22:980,%22s%22:983,%22ce%22:1093,%22rq%22:1093,%22rp%22:2487,%22rpe%22:2487,%22dl%22:2498,%22di%22:2697,%22ds%22:2732,%22de%22:2734,%22dc%22:2767,%22l%22:2767,%22le%22:2785%7D,%22navigation%22:%7B%7D%7D&fcp=2688&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	26 B	2023-03-07	2023-03-17
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2023-03-17 10:20:09 Times Seen1 Hash 525c9561286c257856c53c654581a162 0824cd2dfadd497056563b0a457aa20e40e14369 f1318874cf7a67a7aa9504db5c95acd240d08ed05cee97f91adcf614c20671bb Loading...

	www.clarity.ms/tag/3xq9rdybkj	1.6 kB	2023-03-08	2023-03-11
Pretty URL www.clarity.ms/tag/3xq9rdybkj IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:57:47 Last Seen2023-03-11 23:14:07 Times Seen1 Hash 838b3aa470fe3471247f0f8f14c4737f fe3024aa607de05cbf40ecec10613ded27038661 6b964ea544b53e75dcb96588424c96c1ca64e72aa2da0013ce751b39a8f2c05b Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	339 B	2023-03-07	2023-08-10
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2023-08-10 09:24:15 Times Seen53 Hash f11bcfd622cdfc35f15b0ec5766c321c 1351aa08a1bfcc128804ed0f300ebbad9bf068c2 8bb7fdc7f62575090e84ce7491cd9bc3c218ead9214a990783470332806f8870 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	337 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:15 Times Seen612 Hash 87ae6bf2dcc84724fe0a2559cc450432 5a079f48c73627e40405f7388097590a3890f563 7fc81b4fe21d9fa786eac4004609e4b2ec1010b7323857296d5cc82a4aea2a2d Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 03:36:50 Times Seen37053320 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	131 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:14 Times Seen612 Hash 32304e2fcc3fa92d005c495c25bc6d02 f8e6ac17d9a81e617209c0cb005e586558d269ac f4257d50f4f453211edf9f2aed9b6b6332eaf1b330bc1fe0cccfe8e60c000665 Loading...

	script.fixel.ai/script/Fixel.min.js	21 kB	2023-03-07	2023-03-17
Pretty URL script.fixel.ai/script/Fixel.min.js IP 54.230.111.88 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2023-03-17 10:20:09 Times Seen1 Hash bd757ff2fd05d44091740f66680801be 4fe9d0c45f50c18256a8dd70b4dbee9ca13404d1 a71b2cb6d30b093e46ad502c061e923d7ce3de2b1f6ad1c17189ec231195315a Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.google.com/pagead/1p-conversion/1030947153/?random=1670537585494&cv=11&fst=1670537585494&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&value=0&bttype=purchase&auid=742296991.1670537585&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-20
Pretty URL www.google.com/pagead/1p-conversion/1030947153/?random=1670537585494&cv=11&fst=1670537585494&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&value=0&bttype=purchase&auid=742296991.1670537585&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-20 17:48:03 Times Seen63949 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	www.googletagmanager.com/gtag/js?id=AW-1030947153	195 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-1030947153 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 3a8570b7f4e296b63721f9a69545e0bd a726002d1a55d34a83e02ae5f198efd68deb8033 77f459343f4d255f8ef3b68bc2009b0c2d7bb0f085f87aa9bcff2da2f0001de2 Loading...

	amplify.outbrain.com/cp/obtp.js	17 kB	2023-03-08	2023-11-28
Pretty URL amplify.outbrain.com/cp/obtp.js IP 2.18.173.74 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:29 Last Seen2023-11-28 17:55:58 Times Seen4 Hash fe80c55f1e1387116ff9765261ed192c 7e5d268638aba6eb152ea69de285b9bb0cbc7869 1ccdc085b5be138822c5352d11f93edad63feaf4a7cbcac15314705a863492e7 Loading...

	js-agent.newrelic.com/552.2d6a2503-1220.js	22 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/552.2d6a2503-1220.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen6 Hash 777ac0df4dba632ad1b2955c88dd51ac bd51770555ea92df71f7d5d102dbf8cdc583abf6 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc Loading...

	js-agent.newrelic.com/775.2d6a2503-1220.js	1.2 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/775.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 1dfdb74c0491489bf04c6deadb56add2 09c28f9e93c01cb3870d7a8083658c594d5ee42b 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-08	2024-01-01
Pretty URL bat.bing.com/bat.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:15 Last Seen2024-01-01 05:01:16 Times Seen16 Hash 258ac0be54e333a28d69bfd394fcde90 daecd0687e8b00f5d67a7732ccbe9174326821d9 f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585477&cv=11&fst=1670537585477&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4	1.9 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585477&cv=11&fst=1670537585477&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 055d6da39a7c1ccad1b57e93fa0ebf54 7177477d4c050f77aa940befb3a668f5980ccbc8 449ed3006392f1a1e128d2c3c2bb9328b69b5b4b54112d30e92ae0e40163dd00 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585530&cv=11&fst=1670537585530&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=dynx_pagetype%3Dother&rfmt=3&fmt=4	1.9 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585530&cv=11&fst=1670537585530&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=dynx_pagetype%3Dother&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash bc5841d3eaee2ef485386207f4553384 c71771309bc54dbaa4a6aea221df81bedc14a083 1f95cfd6696bab92f3554427a5f902e96c63178a52e572da389ed4dd70c95f6f Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.89	65 kB	2023-03-08	2024-02-19
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.89 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:50 Last Seen2024-02-19 23:40:48 Times Seen4401 Hash ed5d6caf417fab681343bc3414babc55 410ba8d8866d7c7df41f21526345cfb7426386f2 7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	706 B	2023-03-08	2023-12-22
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:10:14 Last Seen2023-12-22 07:55:58 Times Seen306 Hash 9236b4e28b8d49063630978fe924323d d6d6831e601b242ba1f1d854375edfc587c08313 33c5a02b86554d640255fd9e827a1fa6417e7f820ebbbf3dbffc0544d977e474 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	887 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:13 Times Seen612 Hash c9f9ead80a9204644e6d4758033e15a3 bbf84f6d1b5888dadf2f1c43ce0c4d25dca79631 9fd478743b088c903247137ed2263f5b223f13458def264803fbd3a235ebce13 Loading...

	cdn.jsdelivr.net/npm/search-insights@1.3.1	10 kB	2023-03-07	2024-03-07
Pretty URL cdn.jsdelivr.net/npm/search-insights@1.3.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-03-07 14:14:13 Times Seen1251 Hash c793d44533d5b4398bb245eef03c593d 1462c8d1cbffb35a800379cce732dd144a5c9364 47c45e88cf077d9f81fbf85bc409e22eaea1604e12b33ecd1ee3a1af47bd45a1 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	214 B	2023-03-08	2023-03-09
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-09 14:40:12 Times Seen1 Hash c324464191e1f71a00a27ab6ff6bbf77 a7cc655d4f2784cd62d4c1726a1deb6ced5ea575 fc60a5c6ae165e28d2fbe366cc2594468c2c8713c924da9e5efaf28520291b0b Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	272 B	2023-03-08	2023-03-08
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:16 Last Seen2023-03-08 22:50:16 Times Seen1 Hash 1910cd7fa0fb9307e8040613b1c3947c b58bd74b93f590477b3712ad94f7c40b3e4dd9ae 625828e20b48f1fd55396e57806a81805145ac574f8f7d11e5777483a9bf86d4 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	364 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:15 Times Seen611 Hash 948114bbff28be5ab02c13588ebcaae9 0b4a49943797868edbba6a68e4a3f8be55a2daf4 d1e6933fc0b463b1f85181d4c8b2305292b64403934d6eabf4d9ddf3b119d6f6 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	33 kB	2023-03-08	2023-03-12
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:53:39 Last Seen2023-03-12 20:41:25 Times Seen1 Hash 858a3e16eea0e2f30a86f6cd74234a52 cc2e2471a682ca2924990672f91ec21858af9012 d287b384567cbeee11c49456bcb362b42e8655262a36a0330b905f05d1793360 Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	511 B	2023-03-08	2023-03-13
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:21:12 Last Seen2023-03-13 07:31:40 Times Seen1 Hash 591cb3dd8b4ff06e02120e5835d232cc daede3d6971057d5ad35cce2193b78afa9d1ac81 769167ae21e1cdd835ab0db4e659d7c691f541279008a10cbb21debd7e460495 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	www.googletagmanager.com/gtm.js?id=GTM-M6CM29	339 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-M6CM29 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:17 Last Seen2023-03-08 22:50:17 Times Seen1 Hash 5633f8cf0dc3ac186b3273cc83d0c85a 0139a0516384a761289a1c0ef123c73ac6fb3dd0 13bcb0bce34fabbdc93486097f82f7aeed614ea308c2ab8660c7949065108bfa Loading...

	www.squadhelp.com/name/artsforallpdx.org?lp=d	560 B	2023-03-07	2024-02-28
Pretty URL www.squadhelp.com/name/artsforallpdx.org?lp=d IP 104.22.53.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-02-28 15:31:14 Times Seen612 Hash 2778024ed84d1ab4646e3e6eafbb8bf0 3fdb2f3d53267ed12a8b45596b638d593b581545 bc688214947f40dbe499b79b8e009afe358c1de6dc84cb5cd461fa5a8733a4ef Loading...

	tags.srv.stackadapt.com/events.js	17 kB	2023-03-08	2023-03-08
Pretty URL tags.srv.stackadapt.com/events.js IP 54.243.239.236 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:17 Last Seen2023-03-08 22:50:17 Times Seen1 Hash 54247188ba511d3043f2ca794818fa3a 9fc2815c4b058588bea4c83dfca7be0248d6947e 0755fa1f770c48391b67ec04545696d3fee30c0f2c46f7d156c74641dc74bd95 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d17e4b8ddf2f08e01a2e80cdef8d9a19	89 B	2023-03-08	2023-03-09
Pretty Observations First Seen2023-03-08 22:50:17 Last Seen2023-03-09 14:40:12 Times Seen1 Hash d17e4b8ddf2f08e01a2e80cdef8d9a19 01a1403806125adc66d8fbbe860eeeafc450b02b dbe5fa2d8d8bd148d6561156be8638d63190d5c54cd66915fd6fa99bb3cbfbd0 Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-25 01:35:01 Times Seen14296 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (131)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4302
Expires: Thu, 08 Dec 2022 23:24:45 GMT
Date: Thu, 08 Dec 2022 22:13:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11664
Expires: Fri, 09 Dec 2022 01:27:27 GMT
Date: Thu, 08 Dec 2022 22:13:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Thu, 08 Dec 2022 23:49:10 GMT
Date: Thu, 08 Dec 2022 22:13:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 22:08:15 GMT
content-type: application/json
age: 288
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.artsforallpdx.org/

172.67.171.154

301 Moved Permanently

0 B

URL HTTP/1.1
www.artsforallpdx.org/
IP
172.67.171.154:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.artsforallpdx.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 22:13:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Dec 2022 23:13:03 GMT
Location: https://www.artsforallpdx.org/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSONDmsWWgBcZt%2Fa68FfUJefnmACcXygn0IdnmOeRkgYTz0my3bXbGrtaax7d4WOzTrDArR9rKN%2F6ymoEdyGXPyAewwGhKyubHHRv4OBQxNn64h%2BuqHVXb6ZaXk0P1KHrd7bXYofxuw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7768d8996accb517-OSL
alt-svc: h2=":443"; ma=60

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 4g6IQCWliryShscOpVG02UEqMzF6H0azP4OnuoAM+HdkHImrx8ZWOraLlLA7KVxSYDAv3x2kQCI=
x-amz-request-id: TTPJCVP4HQTZFY4P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 21:48:04 GMT
age: 1499
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:13:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/j4MaW_T50e4

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/j4MaW_T50e4
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
acc81ed022369226783ae21c15d450d7
50bbe96b4716263a805ef9f6aacf035706435b67
772755cb13d441112ccea8de2498f2d72b95b119cdaf5fe56a7ee222afab4569

HTTP Headers

POST /s/gts1p5/j4MaW_T50e4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 22:07:58 GMT
age: 306
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3044
Cache-Control: max-age=128672
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:04 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:57:36 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
b6cfd1a1b9a637c0075f3ed15d76adce
8868bf0bb810f493e40bf4ff6998869a01c1df9e
a8710715044aef3ba5db078b671a2a22395da8e132881a7261e139ac88036b9d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A8710715044AEF3BA5DB078B671A2A22395DA8E132881A7261E139AC88036B9D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10745
Expires: Fri, 09 Dec 2022 01:12:09 GMT
Date: Thu, 08 Dec 2022 22:13:04 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/j4MaW_T50e4

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/j4MaW_T50e4
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
acc81ed022369226783ae21c15d450d7
50bbe96b4716263a805ef9f6aacf035706435b67
772755cb13d441112ccea8de2498f2d72b95b119cdaf5fe56a7ee222afab4569

HTTP Headers

POST /s/gts1p5/j4MaW_T50e4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.215.91.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.91.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BmxTlkkNjQq35y5ODkfXFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e/duri4rZdZSQoZUebLgzGwFFjE=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8713
Expires: Fri, 09 Dec 2022 00:38:18 GMT
Date: Thu, 08 Dec 2022 22:13:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8713
Expires: Fri, 09 Dec 2022 00:38:18 GMT
Date: Thu, 08 Dec 2022 22:13:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7268 bytes)
Hash
24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 82428
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7801 bytes)
Hash
8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 82590
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 81453
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12534 bytes)
Hash
57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 83347
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8351 bytes)
Hash
98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1NxVGtHN-I6GUi6qSk7qTGZDDdIZk1Io2yP6Abe1mtlMNi12oR8hgQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 20:33:11 GMT
age: 5994
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 86381
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2

104.22.53.96

200 OK

20 kB

URL HTTP/2
www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 20100, version 1.0\012- data
Size
20 kB (20100 bytes)
Hash
eb964ca850eecca0ccad41e2905742cc
5c07dcf2dc8a0cb41f79aa6242386ba3526518c0
46c3a9dd12310f604a7003f51fc8b81509f63bfda367f1d537854f0120ba30bc

HTTP Headers

GET /modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: application/octet-stream
content-length: 20100
last-modified: Mon, 12 Sep 2022 15:01:34 GMT
etag: "631f49ce-4e84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3940809
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7ddc4b51d-OSL
X-Firefox-Spdy: h2

www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2

104.22.53.96

200 OK

13 kB

URL HTTP/2
www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 13440, version 1.0\012- data
Size
13 kB (13440 bytes)
Hash
a2a67cca7e731eecd64d7689f6e58360
da6671f04a96bd5f39b3f3425d7ee101231f511f
abc04a100d9ffb66432cc6b85574582ac7d4da86d7eba38a699c605fe3086fbe

HTTP Headers

GET /modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: application/octet-stream
content-length: 13440
last-modified: Mon, 12 Sep 2022 15:01:37 GMT
etag: "631f49d1-3480"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3940809
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7ddc0b51d-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-M6CM29

142.250.74.168

200 OK

105 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M6CM29
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (53438)
Size
105 kB (104779 bytes)
Hash
1f8ee9004fff2724d02d0be192ae9e34
c626b1ae107015695b79b8e22d751b6b7c514a13
76db7c99db6ff5ef2dfea6da3bad540cb4c4bb4099034ae3af6d374a2f9704e3

HTTP Headers

GET /gtm.js?id=GTM-M6CM29 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 22:13:06 GMT
expires: Thu, 08 Dec 2022 22:13:06 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104779
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/icon-arrow-down.svg

104.22.53.96

200 OK

922 B

URL HTTP/2
www.squadhelp.com/html/static_images/icon-arrow-down.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (677)
Size
922 B (922 bytes)
Hash
f5a6ae3cd84ee175ca284ca05de3f76c
c3c5ffc01e22633bb21aa4bbdd047861d4ff7d23
bb60e993bc95c8a687cd1f80a52488ea5c6ea58b1d02722cf83d50347571eb7e

HTTP Headers

GET /html/static_images/icon-arrow-down.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:36:01 GMT
etag: W/"63431491-324"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3940809
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7cdb1b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

widget.intercom.io/widget/ld9mkn53

54.230.111.119

200 OK

6.2 kB

URL HTTP/2
widget.intercom.io/widget/ld9mkn53
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Size
6.2 kB (6169 bytes)
Hash
a7d691558e56b6adbb7c994e043cf553
84b3346fe8bbf366cabe8f77a5c56380d0adf989
ec4fde0132a88d84ace3b0fa2e9ff24cdf9d7797ab33b2946a265b1b9e6fed6e

HTTP Headers

GET /widget/ld9mkn53 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6169
last-modified: Thu, 08 Dec 2022 12:12:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: yPO7foaC0zQjUx.wP8HE9omAPhWnETBO
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 21:57:23 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "a7d691558e56b6adbb7c994e043cf553"
x-cache: Error from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HcZmZBcnGUhF7VuOER6LFdFcBeaE-K_AUBhIYv1xzzGbgIS-Gdd2VQ==
age: 970
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

js.intercomcdn.com/frame.5f515a49.js

54.230.111.33

200 OK

139 kB

URL HTTP/2
js.intercomcdn.com/frame.5f515a49.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
139 kB (138632 bytes)
Hash
81b8402a67603a291f8729b10804b1a2
c64883dfc333e167f03616000bb54499d34b05cd
d7025c45e49fc6b5d26598f0244a245dbc27372e0670292f21b79aeb122ced16

HTTP Headers

GET /frame.5f515a49.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138632
last-modified: Thu, 08 Dec 2022 12:10:26 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: N4CCoQhiyGrn2JnIEooCP.Yz1NZdS.NW
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 22:12:09 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "81b8402a67603a291f8729b10804b1a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4dKFGYnGKSz0KSg_G5R2znALrALYSrjtchAa1uX2w_t9SKDU2IpNRA==
age: 58
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b0ba496fb71658649baf7c24cefffe1
c67b39c55a56c8996f2dbf2d4f1da2781af24fe7
c3ac41f89626d22d2d5ec1aa1df86d97ef467a78eacf2b2bfd817f075fd5f8e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152407
Date: Thu, 08 Dec 2022 22:13:06 GMT
Etag: "63920fda-1d7"
Expires: Sat, 10 Dec 2022 16:33:13 GMT
Last-Modified: Thu, 08 Dec 2022 16:24:58 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ag3H0Njw7W7QlNq9p3J2jbsy7WLKbnjY_gvIN0512kmpAWIIOJeSFA==
Age: 495

www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css

104.22.53.96

200 OK

120 kB

URL HTTP/2
www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (51153)
Size
120 kB (119584 bytes)
Hash
932f1cb43095555278e6b889c242f9e9
769b8bc653962ad3729efdae4eea7c2029391dfd
2cd3a6d1b3b249989fab525628c3b969327502f611f21f44ea2f78219cb29063

HTTP Headers

GET /var/a03b7d742d634005005d8afc9c5eff3b.css HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:19:17 GMT
etag: W/"63724055-4188f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 1761215
server: cloudflare
cf-ray: 7768d8a72d04b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.intercomcdn.com/vendor.97c49be4.js

54.230.111.33

200 OK

7.7 kB

URL HTTP/2
js.intercomcdn.com/vendor.97c49be4.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (25224)
Size
7.7 kB (7722 bytes)
Hash
3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332

HTTP Headers

GET /vendor.97c49be4.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108308
last-modified: Thu, 08 Dec 2022 12:10:26 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: ABqQtodflmH3aMLohqO2bl8zWMWh_Ntl
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 21:59:55 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "085e10e9e993a94201776f5c9524aac1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: C7ej_qQnm-L-ASz-V9kgZNnCLV2QkOKcJSlucjdAM6aRR4UGY6WAGQ==
age: 792
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.squadhelp.com/var/8f6aff5a9ea5c7dad1670a08e291772e.js

104.22.53.96

200 OK

88 kB

URL HTTP/2
www.squadhelp.com/var/8f6aff5a9ea5c7dad1670a08e291772e.js
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65469)
Size
88 kB (88476 bytes)
Hash
d5a4899fb89aa18ca70b778a8defe5af
6ff9e5f8c54ea442780e9cb846ad0afb2001b76f
596994cbbee34b94167ee73727451e72958cdb4b9d022f3d3c8f44783f9b1afc

HTTP Headers

GET /var/8f6aff5a9ea5c7dad1670a08e291772e.js HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Dec 2022 14:57:13 GMT
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 606180
server: cloudflare
cf-ray: 7768d8a80de6b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0cd655e21bc08091d63160578c27c4d9
6169f079be2d6ce5389d64dafc476683ecccb959
17f9b616bf3f4d5d9f99a4a415411481401528f5b1f87fc3a6957b58de1788e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 22:13:06 GMT
Last-Modified: Thu, 08 Dec 2022 21:07:16 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Hq1aR05Zw2mgWCRQgyt1Pn0RyCLhHaz9vaqFRLOEDOtglrhfZgZmvA==
Age: 3950

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
278fb85a4e953512d99b362066a24811
e9b4d3903bda80e213fb3407d15164191e7c55c7
06b457f816f4e17f622d504de3d6dad6acfa25cb98b29c5d90ee9d16246764c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06B457F816F4E17F622D504DE3D6DAD6ACFA25CB98B29C5D90EE9D16246764C8"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Fri, 09 Dec 2022 00:12:47 GMT
Date: Thu, 08 Dec 2022 22:13:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
6afcda117e7e41e46049d48290431325
35e66624ec705487d7871b57ecdd04754f0eb135
2431546045b18ebd741613ae58a6b604ae67c3d590324472c71cb21156dee0fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4559
Cache-Control: max-age=156818
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:06 GMT
Etag: "63921135-2d7"
Expires: Sat, 10 Dec 2022 17:46:44 GMT
Last-Modified: Thu, 08 Dec 2022 16:30:45 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 727

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
000a7e0224b78cf7b98f7fa8162a14aa
11127ea6b6cdf3a65513e40c105287ce9e72946d
71792fe1b97e71e6eb1dc7615c18c311516aab0e7cd343b6ee8fae5dfdc055c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152295
Date: Thu, 08 Dec 2022 22:13:06 GMT
Etag: "63921159-1d7"
Expires: Sat, 10 Dec 2022 16:31:21 GMT
Last-Modified: Thu, 08 Dec 2022 16:31:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6ShJtXEg7BZK8ofHEBxwQU0R0exhGOchN4Pyodld-2ok6LA4cbJe8w==

q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd

52.72.186.224

200 OK

43 B

URL HTTP/1.1
q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd
IP
52.72.186.224:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Date: Thu, 08 Dec 2022 22:13:06 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,70f9572af5b9af6e5c634a944da96ae7,10.0.0.120,3752,91.90.42.154,,84332605743,1,1670537586.601,0.002,,.,0,0,0.000,0.000,-,0,0,197,234,117,10,35796,,,,,,-,
Content-Length: 43
Connection: keep-alive

script.fixel.ai/config/FXL-1150-2383.json

54.230.111.88

200 OK

0 B

URL HTTP/2
script.fixel.ai/config/FXL-1150-2383.json
IP
54.230.111.88:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 08 Dec 2022 22:11:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GjJCFJFE_CAdvgTWxBh_5KhVoViCILox3eYTe1ToYyxzq2sXWREUlQ==
age: 88
X-Firefox-Spdy: h2

script.fixel.ai/config/FXL-1150-2383.json

54.230.111.88

200 OK

152 B

URL HTTP/2
script.fixel.ai/config/FXL-1150-2383.json
IP
54.230.111.88:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
651a6d3ba7143f83f44261232093a38c
43e11c4cc441663daf605df0414947c8756f2155
7a5cfb625e89e99af010b95040c9b9fdd6f518b9b87da64206c00fbb120933d1

HTTP Headers

GET /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 152
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 01 Feb 2021 10:13:36 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VlbH.UIcLlGlg9QOIym1wMb.PKZS9R_3
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 22:10:02 GMT
etag: "651a6d3ba7143f83f44261232093a38c"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: paXUtaAmSeIdZrwkxhAz6HRsiJyV1mbXFIX-lLKlPF6CjqckSKge0g==
age: 300
X-Firefox-Spdy: h2

acsbapp.com/apps/app/dist/js/app.js

104.238.215.8

200 OK

142 kB

URL HTTP/2
acsbapp.com/apps/app/dist/js/app.js
IP
104.238.215.8:0
ASN
#36007 KAMATERA

File type
Unicode text, UTF-8 text, with very long lines (61051), with no line terminators
Size
142 kB (142455 bytes)
Hash
2e4756449004c0ba2028c24ba9c45b19
81e14c987635aceb2fb00592303348cb4d5c38f6
c45ab5d4b257340d89db1609e86087307a63f9ec86a5d1381c5e65d774f9f379

HTTP Headers

GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Fri, 09 Dec 2022 22:13:06 GMT
content-type: application/x-javascript
last-modified: Sun, 04 Dec 2022 20:49:00 GMT
etag: "6a8b5-638d07bc-d84ab8ca479efdd5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142455
date: Thu, 08 Dec 2022 22:13:06 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

amplify.outbrain.com/cp/obtp.js

2.18.173.74

200 OK

5.3 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
2.18.173.74:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (16574), with no line terminators
Size
5.3 kB (5269 bytes)
Hash
5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 08 Dec 2022 22:33:07 GMT
Date: Thu, 08 Dec 2022 22:13:07 GMT
Content-Length: 5269
Connection: keep-alive

snap.licdn.com/li.lms-analytics/insight.min.js

95.101.11.48

200 OK

4.6 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
95.101.11.48:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12961)
Size
4.6 kB (4581 bytes)
Hash
c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=34616
date: Thu, 08 Dec 2022 22:13:07 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.22.53.96

200 OK

21 kB

URL HTTP/2
www.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
21 kB (20853 bytes)
Hash
37961bbe9e304c6924536fcf7995e5e7
4b19498815581172ca8da28b1f2078c14797b14c
f5927994646d264de77ce85c3b33460a84468a69b8dc393cb75075e12f1a30b6

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 17:55:37 GMT
etag: W/"638a3c19-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a72d09b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 10 Dec 2022 22:13:05 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/facebook.svg

104.22.53.96

200 OK

6.4 kB

URL HTTP/2
www.squadhelp.com/html/static_images/facebook.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (960)
Size
6.4 kB (6412 bytes)
Hash
bb88e5ab69bdd9f19019fcaca62da15c
00b54f4b4f66bf00152186a050397fddc402ccca
e1dd98dbcfae03906da8fc82ee37a56e8cb4a834d30e521049bff247e29f37ad

HTTP Headers

GET /html/static_images/facebook.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:35:47 GMT
etag: W/"63431483-428"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951144
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7cdbab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585504&cv=11&fst=1670537585504&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&rfmt=3&fmt=4

142.250.74.34

200 OK

923 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585504&cv=11&fst=1670537585504&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1936), with no line terminators
Size
923 B (923 bytes)
Hash
12a4aca6ade3a528ca2e7e65d189322d
9522cd01cbbd707a34d2046a98f2f763ba094b87
eb2f089aa2cead46d9c54618376722bb21241dd801b339ae80faf99b1975dc74

HTTP Headers

GET /pagead/viewthroughconversion/1030947153/?random=1670537585504&cv=11&fst=1670537585504&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 22:28:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/icon-arrow-down-blue.svg

104.22.53.96

200 OK

12 kB

URL HTTP/2
www.squadhelp.com/html/static_images/icon-arrow-down-blue.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (679)
Size
12 kB (11916 bytes)
Hash
21f2c75a923d7f73254b83b95515c859
e0c5f961cc1bbce3c8b3454e53a302d31e0515eb
75d52e25b8bc78174b9cbb6bdaf2e70f90d729783d3134e719e30620fbfce27d

HTTP Headers

GET /html/static_images/icon-arrow-down-blue.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:36:03 GMT
etag: W/"63431493-326"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951144
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7cdb9b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/unip/1344021/tfa.js

151.101.193.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1344021/tfa.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58953)
Size
18 kB (18112 bytes)
Hash
b28f1df4dc39e8b5dea0f135386c04f4
08439f15371788d71eb2b7dcae15086cb6515bd7
9aa6e7d861ca15f6513f2f3327370047eb5c842e5b3f5e5eb15a2d03f60910d3

HTTP Headers

GET /libtrc/unip/1344021/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ISCqmt/v+58TuZBVDsqFZRnjLjJsHPxUu5PxfYfnUgGxiGl9C+j9pAMzx2viw46P97ahKcVFcX4=
x-amz-request-id: 9GFJFFF873JXVMTW
x-amz-replication-status: PENDING
last-modified: Tue, 06 Dec 2022 12:52:39 GMT
etag: "a446bdcc0bce0eccb7b6c389a759ec18"
x-amz-version-id: bkyg9krtWk690nKLpO0RSkkVOE4i966P
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
age: 102
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670537587.052965,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 12
content-length: 18112
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.squadhelp.com/html/static_images/twitter.svg

104.22.53.96

200 OK

784 B

URL HTTP/2
www.squadhelp.com/html/static_images/twitter.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1241)
Size
784 B (784 bytes)
Hash
2e19b50ad27a611bda268789b81858cf
8ac71beb9d9db3ccd0a7cce700cac2a1b33fabf0
5a69cf74cd7fd8310824509486bed0b446a46f3e371ae52154f3b209db574459

HTTP Headers

GET /html/static_images/twitter.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:35:56 GMT
etag: W/"6343148c-541"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951144
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7ddbbb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4279
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Last-Modified: Thu, 08 Dec 2022 21:01:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585650&cv=11&fst=1670537585650&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

891 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585650&cv=11&fst=1670537585650&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1905), with no line terminators
Size
891 B (891 bytes)
Hash
a11b192c6b3ac6be5eb97b30713d6974
73b2f2ca1fff902e51204007f788d612f17fa034
e7d2eb331dd9da2276f71cdaecc4f292dc01eb180286b867606123061511a9f1

HTTP Headers

GET /pagead/viewthroughconversion/1030947153/?random=1670537585650&cv=11&fst=1670537585650&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 891
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 22:28:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.22.53.96

200 OK

4.9 kB

URL HTTP/2
www.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.9 kB (4944 bytes)
Hash
48c8d6df187fcd106d0a7d9c2de04506
188af1ea7a7c776297bdc64224c6cb33b15dbfc2
ba23b7e917f8ddcb6798e1ac539054d5b0e0ea7c0751408a3e30de8a59252e85

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 17:55:37 GMT
etag: W/"638a3c19-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a73d0ab51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 10 Dec 2022 22:13:05 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585530&cv=11&fst=1670537585530&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=dynx_pagetype%3Dother&rfmt=3&fmt=4

142.250.74.34

200 OK

891 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1670537585530&cv=11&fst=1670537585530&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=dynx_pagetype%3Dother&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1909), with no line terminators
Size
891 B (891 bytes)
Hash
4baf36ef57ce9c132887559b986b0e9d
85e48cc377cca94a86d4b7bd61bf840ff6acd16f
7e08a3f953f76f597fd31b85f0e1ce8ba0f812d1ac1674aa0751e5f6cd0eca72

HTTP Headers

GET /pagead/viewthroughconversion/1030947153/?random=1670537585530&cv=11&fst=1670537585530&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&auid=742296991.1670537585&data=dynx_pagetype%3Dother&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 891
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 22:28:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/instagam.svg

104.22.53.96

200 OK

1.6 kB

URL HTTP/2
www.squadhelp.com/html/static_images/instagam.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3387)
Size
1.6 kB (1554 bytes)
Hash
ee85ef72b59eb226febdd64c626c38a0
2f21a0717361dac984a1f0189e8db5a8ce274c66
ef41d6655e7fa31bdb2a6cff68dc623212a619b48f13cd6d8cc3aabe8747c5e4

HTTP Headers

GET /html/static_images/instagam.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:35:50 GMT
etag: W/"63431486-da3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951144
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7ddbcb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.squadhelp.com/name/artsforallpdx.org?lp=d

104.22.53.96

200 OK

23 kB

URL HTTP/2
www.squadhelp.com/name/artsforallpdx.org?lp=d
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32622)
Size
23 kB (22913 bytes)
Hash
cb4e1416f495eb94fe4083d48dacd853
7100c02bc36dd364b3813126aa8fd4c06c75aeaf
1494fb3b5c6c598e7247b1bdd18b1d4ffc2832f7f81891b8de0642363369c42c

HTTP Headers

GET /name/artsforallpdx.org?lp=d HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
endpoint: sh-live-next
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2022 22:13:05 GMT
set-cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=; path=/; expires=Thu, 08-Dec-22 22:43:05 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7768d89df95fb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

157.240.221.16

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Fiku9FsfbKZyJ5/dUMA4KhtOc99ycfeqd7aGd/DtYfVeaeYziyA8V3kG71oe/MWWlx/iMik9etik8rCeqEo3mw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 22:13:07 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

alb.reddit.com/rp.gif?ts=1670537585752&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=4418b539-1666-4a67-8ed9-f67156f6de97&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8

151.101.129.140

200 OK

42 B

URL HTTP/2
alb.reddit.com/rp.gif?ts=1670537585752&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=4418b539-1666-4a67-8ed9-f67156f6de97&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP
151.101.129.140:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /rp.gif?ts=1670537585752&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=4418b539-1666-4a67-8ed9-f67156f6de97&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4279
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Last-Modified: Thu, 08 Dec 2022 21:01:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.fixelapp.com/api/v2/grade/FXL-1150-2383

34.193.248.175

503 Service Unavailable: Back-end server is at capacity

0 B

URL HTTP/1.1
api.fixelapp.com/api/v2/grade/FXL-1150-2383
IP
34.193.248.175:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/grade/FXL-1150-2383 HTTP/1.1
Host: api.fixelapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 402
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Content-Length: 0
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
9abf81d2f03b46927516b22413785c55
5c5e16d18591fe52bf6ba1676c8f7441d5a29631
6a37afde332bfab52a7b5862b5b7f0b7896d7c8b9946c3a7217b08fe274acdbe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=142048
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Etag: "6391d08e-139"
Expires: Sat, 10 Dec 2022 13:40:35 GMT
Last-Modified: Thu, 08 Dec 2022 11:54:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1&gtm=2oebu0&_p=189176799&cid=171965940.1670537586&ul=en-us&sr=1280x1024&_s=1&sid=1670537585&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&dt=artsforallpdx.org&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1&gtm=2oebu0&_p=189176799&cid=171965940.1670537586&ul=en-us&sr=1280x1024&_s=1&sid=1670537585&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&dt=artsforallpdx.org&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VJ36JWQDE1&gtm=2oebu0&_p=189176799&cid=171965940.1670537586&ul=en-us&sr=1280x1024&_s=1&sid=1670537585&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&dt=artsforallpdx.org&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.squadhelp.com
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
db3763c1a2b500a474ba7c65cbfe8831
7a5b8a17ad25497f41372a4d5dbb5964c417b6db
a09e8b9d5777ed6d5b96cabc60ac5be326fd4e92f7c4612fa9efd79234d845ad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 22:13:07 GMT
Last-Modified: Thu, 08 Dec 2022 21:22:23 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pHueZ4WFdJ7iU9XTemZHTSpJX1088rVdokQDasswGZs76l1EY92bIw==
Age: 3045

t.co/i/adsct?bci=3&eci=2&event_id=4de6582a-2c27-4dae-85fc-a96ed3399ae2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=015f4bb8-a5fa-4bc6-90b9-d9aa47e6aacb&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29

104.244.42.69

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=4de6582a-2c27-4dae-85fc-a96ed3399ae2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=015f4bb8-a5fa-4bc6-90b9-d9aa47e6aacb&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP
104.244.42.69:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=4de6582a-2c27-4dae-85fc-a96ed3399ae2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=015f4bb8-a5fa-4bc6-90b9-d9aa47e6aacb&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:06 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=56decd13-0357-4b43-b6b1-b128b88bf67a; Max-Age=63072000; Expires=Sat, 07 Dec 2024 22:13:07 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 14f51163e7ba981b
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: b2025229a0e3f8f03b5c3433f7978a62728a49deac5eed2ec54b4dd18ff31414
X-Firefox-Spdy: h2

tags.srv.stackadapt.com/events.js

54.243.239.236

200 OK

5.4 kB

URL HTTP/1.1
tags.srv.stackadapt.com/events.js
IP
54.243.239.236:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (16677)
Size
5.4 kB (5380 bytes)
Hash
de4054dc5de94c6183398d52fcaae6be
802d2a43991ac42c14bc618a39c171d5630a0b4d
ee133a06ba72a75722d0d9fc8993489730f45e1d1f39c55cdee0a9558f4f11b5

HTTP Headers

GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Thu, 08 Dec 2022 22:13:07 GMT
Set-Cookie: sa-user-id=s%3A0-6db6a0b8-8eb0-4e1f-71a5-23946d43774a.twAGwR8VR3LCpsrHvsKPiHsVghO4jEFt4Awt%2B3LfRMw; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AbbaguI6wTh9xpSOUbUN3SltaKpo.FnyDJjzC8tKST5b3XHcPd156NRwBBkVTPbzUgC9Fbzg; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5380
Connection: keep-alive

cdn.acsbapp.com/cache/app/squadhelp.com/config.json

104.238.215.8

200 OK

158 B

URL HTTP/2
cdn.acsbapp.com/cache/app/squadhelp.com/config.json
IP
104.238.215.8:0
ASN
#36007 KAMATERA

File type
JSON data\012- , ASCII text, with no line terminators
Size
158 B (158 bytes)
Hash
3e91e3137851cd7602abd2c83d5beb3f
1b9ff11ef83efb16b5ba09ee21f765389c327730
915106983ccd9bc2ef7ddd93eb95c602011621767917166da176e9077d33cec6

HTTP Headers

GET /cache/app/squadhelp.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Fri, 09 Dec 2022 22:13:07 GMT
content-type: application/json
last-modified: Thu, 08 Dec 2022 22:12:15 GMT
etag: "9e-6392613f-69c17ccae2764895;;;"
accept-ranges: bytes
content-length: 158
date: Thu, 08 Dec 2022 22:13:07 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

tags.srv.stackadapt.com/sa.css

54.243.239.236

200 OK

27 B

URL HTTP/1.1
tags.srv.stackadapt.com/sa.css
IP
54.243.239.236:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
27 B (27 bytes)
Hash
83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc

HTTP Headers

GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Thu, 08 Dec 2022 22:13:07 GMT
Content-Length: 27
Connection: keep-alive

js-agent.newrelic.com/290.2d6a2503-1220.js

151.101.194.137

200 OK

3.4 kB

URL HTTP/2
js-agent.newrelic.com/290.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (8544)
Size
3.4 kB (3424 bytes)
Hash
b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822

HTTP Headers

GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 3091
x-timer: S1670537588.592604,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2

cdn.acsbapp.com/cache/app/en.build.json

104.238.215.8

200 OK

26 kB

URL HTTP/2
cdn.acsbapp.com/cache/app/en.build.json
IP
104.238.215.8:0
ASN
#36007 KAMATERA

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Size
26 kB (25914 bytes)
Hash
fe8b4da3e0d6161913b6caa5e3505575
6c625c33c424dc85f3fd0809846131f953e07198
be4521e7ef5edfdf2204fbfa22588e7ac74e42f6d79d7d8ec29c47bf9bbab9a0

HTTP Headers

GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Fri, 09 Dec 2022 22:13:07 GMT
content-type: application/json
last-modified: Sun, 04 Dec 2022 20:50:04 GMT
etag: "3b8a8-638d07fc-14fdec1890c3c052;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25914
date: Thu, 08 Dec 2022 22:13:07 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

js-agent.newrelic.com/768.2d6a2503-1220.js

151.101.194.137

200 OK

2.2 kB

URL HTTP/2
js-agent.newrelic.com/768.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5523)
Size
2.2 kB (2225 bytes)
Hash
98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7

HTTP Headers

GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 4666
x-timer: S1670537588.592897,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2

js-agent.newrelic.com/368.2d6a2503-1220.js

151.101.194.137

200 OK

1.4 kB

URL HTTP/2
js-agent.newrelic.com/368.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3382)
Size
1.4 kB (1443 bytes)
Hash
fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20

HTTP Headers

GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 4110
x-timer: S1670537588.592915,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/ping

3.93.95.179

200 OK

1.8 kB

URL HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
3.93.95.179:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.8 kB (1760 bytes)
Hash
eabbf7fa3ab34b5bcbacecfe6554de99
c3dd2b9474934685fa3b7917d8bffbc42c5f6af0
1ef9cc804ba972c57c008d3af99e2802d2d4801dcac3a8805981665ae2193fad

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 380
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:07 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1670537590
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13312
access-control-allow-origin: https://www.squadhelp.com
vary: Accept,Accept-Encoding
x-intercom-version: 5dd0425defdb1cf8edf1431b2ef26118e979a25f
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 0006qpo2vgjs2rt8lur0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"42e5360bc2b16ab737710fc64c13297e"
x-runtime: 0.331657
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0a24581f9166fc519
X-Firefox-Spdy: h2

js-agent.newrelic.com/775.2d6a2503-1220.js

151.101.194.137

200 OK

632 B

URL HTTP/2
js-agent.newrelic.com/775.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1169)
Size
632 B (632 bytes)
Hash
661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7

HTTP Headers

GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 1584
x-timer: S1670537588.595308,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=f971de94-db6b-40fb-b59b-0bb4b3454c32&sid=7db64840774511ed92d9f990cdcff156&vid=7db67110774511ed99fa29790885db8f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=artsforallpdx.org&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&r=&lt=2785&evt=pageLoad&sv=1&rn=575668

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=f971de94-db6b-40fb-b59b-0bb4b3454c32&sid=7db64840774511ed92d9f990cdcff156&vid=7db67110774511ed99fa29790885db8f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=artsforallpdx.org&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&r=&lt=2785&evt=pageLoad&sv=1&rn=575668
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=f971de94-db6b-40fb-b59b-0bb4b3454c32&sid=7db64840774511ed92d9f990cdcff156&vid=7db67110774511ed99fa29790885db8f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=artsforallpdx.org&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&r=&lt=2785&evt=pageLoad&sv=1&rn=575668 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=09787E58E9D661C321546C2CE82360C8; domain=.bing.com; expires=Tue, 02-Jan-2024 22:13:07 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CB86F4FDF434C4A83485C74FEBE0615 Ref B: OSL30EDGE0220 Ref C: 2022-12-08T22:13:07Z
date: Thu, 08 Dec 2022 22:13:07 GMT
X-Firefox-Spdy: h2

www.squadhelp.com/geo-business-names/bubble-theme-dynamic-data

104.22.53.96

200 OK

7 B

URL HTTP/2
www.squadhelp.com/geo-business-names/bubble-theme-dynamic-data
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
7 B (7 bytes)
Hash
d75a58484d152958926a923d15951593
67ce94c3ad442e2e8c75491f1d07cb584a20479f
76ced2e8bf7a7cf4bd2f5fa4ce2ad5c1424fd5130235f4d488d00657fc9d933c

HTTP Headers

GET /geo-business-names/bubble-theme-dynamic-data HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=s9d6dl554jpbj5171auve2le03; expires=Fri, 09-Dec-2022 22:13:06 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7768d8a90f3db51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-conversion/1030947153/?random=1670537585494&cv=11&fst=1670537585494&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&value=0&bttype=purchase&auid=742296991.1670537585&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0

142.250.74.67

200 OK

63 B

URL HTTP/2
www.google.no/pagead/1p-conversion/1030947153/?random=1670537585494&cv=11&fst=1670537585494&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&value=0&bttype=purchase&auid=742296991.1670537585&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/1030947153/?random=1670537585494&cv=11&fst=1670537585494&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&value=0&bttype=purchase&auid=742296991.1670537585&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/p/action/15226519.js

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/15226519.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/15226519.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0ED5D46923CD6BD21DDEC61D22386A3A; domain=.bing.com; expires=Tue, 02-Jan-2024 22:13:07 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8DB86287F234B7E919BB855461DEADE Ref B: OSL30EDGE0220 Ref C: 2022-12-08T22:13:07Z
date: Thu, 08 Dec 2022 22:13:07 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
ec20b9880a4b5706b3348131a233593b
cb8d0cccf87a4c4299e16a4c46120ec0ac870a26
99bbc3b1bb7d5ff8e29c389ed6c36e4e43ee7b86d0a28e299ff146d5a2981ab7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6585
Cache-Control: max-age=96918
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Etag: "63911f50-139"
Expires: Sat, 10 Dec 2022 01:08:25 GMT
Last-Modified: Wed, 07 Dec 2022 23:18:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

www.google.no/pagead/1p-user-list/1030947153/?random=1670537585650&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3735967748&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/1030947153/?random=1670537585650&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3735967748&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1030947153/?random=1670537585650&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3735967748&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/1030947153/?random=1670537585504&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&fmt=3&is_vtc=1&random=1873370339&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/1030947153/?random=1670537585504&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&fmt=3&is_vtc=1&random=1873370339&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1030947153/?random=1670537585504&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&fmt=3&is_vtc=1&random=1873370339&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token

54.230.111.42

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token
IP
54.230.111.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/34987/domain/squadhelp.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 08 Dec 2022 05:18:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4kT1YuzckhlXOac54tQJJXhpu91PpyWI_B8sdee0B_98kgxGKzitQQ==
age: 60854
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/1030947153/?random=1670537585530&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=1842912877&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/1030947153/?random=1670537585530&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=1842912877&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1030947153/?random=1670537585530&cv=11&fst=1670536800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tiba=artsforallpdx.org&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=1842912877&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

script.fixel.ai/script/Fixel.min.js

54.230.111.88

200 OK

94 kB

URL HTTP/2
script.fixel.ai/script/Fixel.min.js
IP
54.230.111.88:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (43820)
Size
94 kB (93798 bytes)
Hash
ad34ab23856dcd924272d25b0f5e0abd
7146ad2acedc861d1cb6b92483f11e7efd169f0c
9da4d6f03a81e34d07e906f3b33d9f7351b01e683d25948491842983709c0f67

HTTP Headers

GET /script/Fixel.min.js HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 31 May 2021 09:44:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qn3ku6T2KTYfiw1ZK.qbHtFFDfyG1XJc
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 22:13:06 GMT
etag: W/"bd757ff2fd05d44091740f66680801be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: de9k_5SGrcJsbw2LmCLvRmazh5COa2vTX5yaBp4Js3L4d9i3-4I3HQ==
age: 61
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nexus-websocket-a.intercom.io/pubsub/5-XFm5sir1ygVvPRiQMWPgeoFIZYU4mwcQ3LOO7ukdr4ONBJSagt1ivcvzow4X-ijWM_nsQRmx7erflzR_ryBCsqswHSiOulDt262r?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined

35.174.127.31

101 Switching Protocols

0 B

URL HTTP/1.1
nexus-websocket-a.intercom.io/pubsub/5-XFm5sir1ygVvPRiQMWPgeoFIZYU4mwcQ3LOO7ukdr4ONBJSagt1ivcvzow4X-ijWM_nsQRmx7erflzR_ryBCsqswHSiOulDt262r?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP
35.174.127.31:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-XFm5sir1ygVvPRiQMWPgeoFIZYU4mwcQ3LOO7ukdr4ONBJSagt1ivcvzow4X-ijWM_nsQRmx7erflzR_ryBCsqswHSiOulDt262r?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.squadhelp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UBPohKKAAFmidKziQ6/N/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 08 Dec 2022 22:13:07 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vt8dkGvYp7rhI4hmnBMoUNIjEZ4=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

www.clarity.ms/tag/3xq9rdybkj

13.107.246.53

200 OK

1.7 kB

URL HTTP/2
www.clarity.ms/tag/3xq9rdybkj
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1655 bytes)
Hash
b06968cd4f86f1ae9bc7a3db854f143a
6ec820a5b2039ff5c0f94fea4df601a5039c802d
580a1eba2ef407edce2ee98a00d9ad5996aa7d104a79a4c45789ec3ded00d442

HTTP Headers

GET /tag/3xq9rdybkj HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=2f9dcfc0425f4b5392f509579f908d7c.20221208.20231208; expires=Fri, 08 Dec 2023 22:13:07 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-cache: CONFIG_NOCACHE
x-azure-ref: 0c2GSYwAAAABWRWkp4wl2Q5yQM7TMNyGuU1ZHMjBFREdFMDUxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 08 Dec 2022 22:13:06 GMT
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&RedC=c.clarity.ms&MXFR=103C31E539EF6FD43FC123913DEF6145
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=103C31E539EF6FD43FC123913DEF6145; domain=.clarity.ms; expires=Tue, 02-Jan-2024 22:13:07 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 08 Dec 2022 22:13:06 GMT
content-length: 0
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
76ab40ab6403ea449a18fb59b1da283e
db5c8571f91993f10ab9f1edc212b5f3b402afc5
97269d6d012a98d1369a5e4b99db28ccd38c6086c386cc03508aff94f5a1c2e3

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2569
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Last-Modified: Thu, 08 Dec 2022 21:30:18 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
463bcaef421199f7ea4216405d409f3a
51a32bdb4a049502cc7154910c257acc5b748292
66560b89ac85ab969d7e5b602f460b18f44de66574668faed3da61dcbd12858c

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3059
Cache-Control: max-age=85868
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:07 GMT
Etag: "639101ec-1d7"
Expires: Fri, 09 Dec 2022 22:04:15 GMT
Last-Modified: Wed, 07 Dec 2022 21:13:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1670537586280%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fartsforallpdx.org%253Flp%253Dd%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLkO8O9PpjGiwAAAYTzzKwuIHRU2lQ-4QViOezv71r269BZi38G5GbVx1mlixcNYZoSVx_L07A7zA; Max-Age=2592000; Expires=Sat, 07 Jan 2023 22:13:07 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJf7FYF4hHKXQAAAYTzzKwuiqrfhGIIXgA3nYR8NrXhEjX2ULKCgP5TsizqcucL6XJ7TyyV4oc5ji5QGFF2sw; Max-Age=2592000; Expires=Sat, 07 Jan 2023 22:13:07 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&1945a95f-2130-4e1c-81b7-66bdc12a8939"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 08-Dec-2023 22:13:07 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2393:u=1:x=1:i=1670537587:t=1670623987:v=2:sig=AQH4GUXHUVo2Ajl1EwKSJb8k0oTwi3pE"; Expires=Fri, 09 Dec 2022 22:13:07 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXvWFeAb+kjNccuHJi2Kg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D487B6E399F1488FBD244B2EBCCB6275 Ref B: OSL30EDGE0417 Ref C: 2022-12-08T22:13:07Z
date: Thu, 08 Dec 2022 22:13:06 GMT
content-length: 0
X-Firefox-Spdy: h2

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4de6582a-2c27-4dae-85fc-a96ed3399ae2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=015f4bb8-a5fa-4bc6-90b9-d9aa47e6aacb&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29

104.244.42.131

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4de6582a-2c27-4dae-85fc-a96ed3399ae2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=015f4bb8-a5fa-4bc6-90b9-d9aa47e6aacb&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP
104.244.42.131:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=4de6582a-2c27-4dae-85fc-a96ed3399ae2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=015f4bb8-a5fa-4bc6-90b9-d9aa47e6aacb&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:07 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_IlXhbkjkd0TiCVbiBZDPXQ=="; Max-Age=63072000; Expires=Sat, 07 Dec 2024 22:13:07 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 5cf83aacc92e0ff6
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: d15afb0c81d923cffc06713bbe447ae194443271178816047cbddb7c23ee394a
X-Firefox-Spdy: h2

tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc

64.202.112.95

200 OK

56 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
IP
64.202.112.95:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599

HTTP Headers

GET /cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:13:07 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 80ca38e09eb6ae608e5efd869f701cd2
content-encoding: gzip

tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&optOut=false&bust=01599032756257439&referrer=

64.202.112.95

200 OK

60 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&optOut=false&bust=01599032756257439&referrer=
IP
64.202.112.95:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
60 B (60 bytes)
Hash
fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb

HTTP Headers

GET /unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&optOut=false&bust=01599032756257439&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:13:07 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 11194d99fec46750cb7bb55b5afccae1
content-encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.bing.com/c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&RedC=c.clarity.ms&MXFR=103C31E539EF6FD43FC123913DEF6145

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&RedC=c.clarity.ms&MXFR=103C31E539EF6FD43FC123913DEF6145
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&RedC=c.clarity.ms&MXFR=103C31E539EF6FD43FC123913DEF6145 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&MUID=3747161C50CA68B635620468513F693A
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3747161C50CA68B635620468513F693A; domain=c.bing.com; expires=Tue, 02-Jan-2024 22:13:07 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDF4849D39C04E7FA065A02C4D6D8102 Ref B: OSL30EDGE0220 Ref C: 2022-12-08T22:13:07Z
date: Thu, 08 Dec 2022 22:13:07 GMT
content-length: 0
X-Firefox-Spdy: h2

web1.acsbapp.com/apps/app/dist/media/logomono.svg

138.128.247.123

200 OK

1.2 kB

URL HTTP/2
web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP
138.128.247.123:0
ASN
#36007 KAMATERA

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
1.2 kB (1210 bytes)
Hash
5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350

HTTP Headers

GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Fri, 08 Dec 2023 22:13:08 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Thu, 08 Dec 2022 22:13:08 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&rl=&if=false&ts=1670537587084&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670537587083.1291962792&it=1670537586437&coo=false&tm=1&rqm=GET

157.240.221.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&rl=&if=false&ts=1670537587084&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670537587083.1291962792&it=1670537586437&coo=false&tm=1&rqm=GET
IP
157.240.221.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&rl=&if=false&ts=1670537587084&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670537587083.1291962792&it=1670537586437&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 08 Dec 2022 22:13:08 GMT
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=171965940.1670537586&jid=15826840&gjid=883119167&_gid=807019331.1670537586&_u=aDDAgEADQAAAAGAAI~&z=2134204476

64.233.165.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=171965940.1670537586&jid=15826840&gjid=883119167&_gid=807019331.1670537586&_u=aDDAgEADQAAAAGAAI~&z=2134204476
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=171965940.1670537586&jid=15826840&gjid=883119167&_gid=807019331.1670537586&_u=aDDAgEADQAAAAGAAI~&z=2134204476 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:13:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=171965940.1670537586&jid=1451013854&gjid=32670042&_gid=807019331.1670537586&_u=KDDAAEACQAAAACAAI~&z=956184402

64.233.165.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=171965940.1670537586&jid=1451013854&gjid=32670042&_gid=807019331.1670537586&_u=KDDAAEACQAAAACAAI~&z=956184402
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=171965940.1670537586&jid=1451013854&gjid=32670042&_gid=807019331.1670537586&_u=KDDAAEACQAAAACAAI~&z=956184402 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:13:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&t=artsforallpdx.org&tip=gF42zrU7pPMtCMMPRMx-CpvHJ6DPqs8zkgJcTVAAoy0&host=https://www.squadhelp.com&sa-user-id-v2=s%253AbbaguI6wTh9xpSOUbUN3SltaKpo.FnyDJjzC8tKST5b3XHcPd156NRwBBkVTPbzUgC9Fbzg&sa-user-id=s%253A0-6db6a0b8-8eb0-4e1f-71a5-23946d43774a.twAGwR8VR3LCpsrHvsKPiHsVghO4jEFt4Awt%252B3LfRMw

54.243.239.236

200 OK

116 B

URL HTTP/1.1
tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&t=artsforallpdx.org&tip=gF42zrU7pPMtCMMPRMx-CpvHJ6DPqs8zkgJcTVAAoy0&host=https://www.squadhelp.com&sa-user-id-v2=s%253AbbaguI6wTh9xpSOUbUN3SltaKpo.FnyDJjzC8tKST5b3XHcPd156NRwBBkVTPbzUgC9Fbzg&sa-user-id=s%253A0-6db6a0b8-8eb0-4e1f-71a5-23946d43774a.twAGwR8VR3LCpsrHvsKPiHsVghO4jEFt4Awt%252B3LfRMw
IP
54.243.239.236:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
116 B (116 bytes)
Hash
9e29b9729014a4e6a0f9acf522daa07d
7ecad4e87388022ea224a8752b5ccf02aa3abcac
65d6fc76a8f26596cce60b33939093689c23e38cdc324343e82b3e7951ea84a1

HTTP Headers

GET /saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&t=artsforallpdx.org&tip=gF42zrU7pPMtCMMPRMx-CpvHJ6DPqs8zkgJcTVAAoy0&host=https://www.squadhelp.com&sa-user-id-v2=s%253AbbaguI6wTh9xpSOUbUN3SltaKpo.FnyDJjzC8tKST5b3XHcPd156NRwBBkVTPbzUgC9Fbzg&sa-user-id=s%253A0-6db6a0b8-8eb0-4e1f-71a5-23946d43774a.twAGwR8VR3LCpsrHvsKPiHsVghO4jEFt4Awt%252B3LfRMw HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.squadhelp.com
Content-Type: text/plain; charset=utf-8
Date: Thu, 08 Dec 2022 22:13:08 GMT
Content-Length: 116
Connection: keep-alive

tags.srv.stackadapt.com/sa.jpeg

54.243.239.236

200 OK

651 B

URL HTTP/1.1
tags.srv.stackadapt.com/sa.jpeg
IP
54.243.239.236:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Size
651 B (651 bytes)
Hash
8d2599e494a9f2cbc66800d64c0773aa
8cc0fad4a737102cda860527b9c0aece5630d129
38263c996a313d6835727dc405fcd557a726e82e4e8e8d0a0b7434ccf16e3cfa

HTTP Headers

GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Thu, 08 Dec 2022 22:13:08 GMT
Content-Length: 651
Connection: keep-alive

c.clarity.ms/c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&MUID=3747161C50CA68B635620468513F693A

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&MUID=3747161C50CA68B635620468513F693A
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=4F63659A0A7F4A449649A89CAA643FA1&MUID=3747161C50CA68B635620468513F693A HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 08-Dec-2022 22:23:08 GMT; path=/; SameSite=None; Secure;
date: Thu, 08 Dec 2022 22:13:07 GMT
content-length: 42
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:13:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1670537586280%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fartsforallpdx.org%253Flp%253Dd%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1670537586280%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fartsforallpdx.org%253Flp%253Dd%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1670537586280%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fartsforallpdx.org%253Flp%253Dd%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&7a46adeb-5a64-43c6-8fdf-430bdf70a533"; Domain=.linkedin.com; Expires=Fri, 08-Dec-2023 22:13:08 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221208221308367a0bc2-324b-44b7-8a9f-1e89aef10405AQHpuruxek-B34IPhgyN8rHbVEuXvlSN"; Domain=.www.linkedin.com; Expires=Fri, 08-Dec-2023 22:13:08 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzA1Mzc1ODg7MjswMjGKrOD+5bVPbFOU1JF2aqEQcMCOWoSIDDxFEkvVAlYP1w==; Domain=.linkedin.com; Expires=Tue, 06 Jun 2023 22:13:08 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2432:u=1:x=1:i=1670537588:t=1670623988:v=2:sig=AQGa2hzBDR9nZGnv7QW96jjGFFGhwuT1"; Expires=Fri, 09 Dec 2022 22:13:08 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXvWFeEtPgxctfjhKADVA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ACAE02E83335456DA77727E722C7A9CC Ref B: OSL30EDGE0417 Ref C: 2022-12-08T22:13:07Z
date: Thu, 08 Dec 2022 22:13:07 GMT
content-length: 0
X-Firefox-Spdy: h2

bam.nr-data.net/1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4520&ck=0&s=6350f223875c0d0b&ref=https://www.squadhelp.com/name/artsforallpdx.org&ap=384&be=2773&fe=94&dc=82&perf=%7B%22timing%22:%7B%22of%22:1670537582465,%22n%22:0,%22f%22:950,%22dn%22:952,%22dne%22:980,%22c%22:980,%22s%22:983,%22ce%22:1093,%22rq%22:1093,%22rp%22:2487,%22rpe%22:2487,%22dl%22:2498,%22di%22:2697,%22ds%22:2732,%22de%22:2734,%22dc%22:2767,%22l%22:2767,%22le%22:2785%7D,%22navigation%22:%7B%7D%7D&fcp=2688&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4520&ck=0&s=6350f223875c0d0b&ref=https://www.squadhelp.com/name/artsforallpdx.org&ap=384&be=2773&fe=94&dc=82&perf=%7B%22timing%22:%7B%22of%22:1670537582465,%22n%22:0,%22f%22:950,%22dn%22:952,%22dne%22:980,%22c%22:980,%22s%22:983,%22ce%22:1093,%22rq%22:1093,%22rp%22:2487,%22rpe%22:2487,%22dl%22:2498,%22di%22:2697,%22ds%22:2732,%22de%22:2734,%22dc%22:2767,%22l%22:2767,%22le%22:2785%7D,%22navigation%22:%7B%7D%7D&fcp=2688&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4520&ck=0&s=6350f223875c0d0b&ref=https://www.squadhelp.com/name/artsforallpdx.org&ap=384&be=2773&fe=94&dc=82&perf=%7B%22timing%22:%7B%22of%22:1670537582465,%22n%22:0,%22f%22:950,%22dn%22:952,%22dne%22:980,%22c%22:980,%22s%22:983,%22ce%22:1093,%22rq%22:1093,%22rp%22:2487,%22rpe%22:2487,%22dl%22:2498,%22di%22:2697,%22ds%22:2732,%22de%22:2734,%22dc%22:2767,%22l%22:2767,%22le%22:2785%7D,%22navigation%22:%7B%7D%7D&fcp=2688&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:13:08 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7768d8b4b854b4fa-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=34987&time=1670537586280&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&68b1c6b4-069c-411b-8a07-503a8e7c5b6d"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 08-Dec-2023 22:13:08 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2432:u=1:x=1:i=1670537588:t=1670623988:v=2:sig=AQGa2hzBDR9nZGnv7QW96jjGFFGhwuT1"; Expires=Fri, 09 Dec 2022 22:13:08 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXvWFeHeKfNkXGrGjQWaw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F1FC314E5FC54823911DEBF0D6CCA9F0 Ref B: OSL30EDGE0417 Ref C: 2022-12-08T22:13:08Z
date: Thu, 08 Dec 2022 22:13:07 GMT
content-length: 0
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1287
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
date: Thu, 08 Dec 2022 22:13:08 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 140794
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
date: Thu, 08 Dec 2022 22:13:08 GMT
X-Firefox-Spdy: h2

api.fixelapp.com/api/v2/grade/FXL-1150-2383

34.193.248.175

503 Service Unavailable: Back-end server is at capacity

0 B

URL HTTP/1.1
api.fixelapp.com/api/v2/grade/FXL-1150-2383
IP
34.193.248.175:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/grade/FXL-1150-2383 HTTP/1.1
Host: api.fixelapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 187
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Content-Length: 0
Connection: keep-alive

trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=39&ssd=1&est=1670537586367&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670537587928&vi=1670537586367&ri=33275d621106a505130d65dc24663bcb&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=39&ssd=1&est=1670537586367&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670537587928&vi=1670537586367&ri=33275d621106a505130d65dc24663bcb&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=39&ssd=1&est=1670537586367&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670537587928&vi=1670537586367&ri=33275d621106a505130d65dc24663bcb&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Thu, 08 Dec 2022 22:13:08 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

api.fixelapp.com/api/v2/grade/FXL-1150-2383

34.193.248.175

503 Service Unavailable: Back-end server is at capacity

0 B

URL HTTP/1.1
api.fixelapp.com/api/v2/grade/FXL-1150-2383
IP
34.193.248.175:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/grade/FXL-1150-2383 HTTP/1.1
Host: api.fixelapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 187
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Content-Length: 0
Connection: keep-alive

trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4554&scd=39&ssd=1&est=1670537586367&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670537590929&vi=1670537586367&ri=33275d621106a505130d65dc24663bcb&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4554&scd=39&ssd=1&est=1670537586367&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670537590929&vi=1670537586367&ri=33275d621106a505130d65dc24663bcb&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=4554&scd=39&ssd=1&est=1670537586367&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670537590929&vi=1670537586367&ri=33275d621106a505130d65dc24663bcb&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 08 Dec 2022 22:13:11 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

trc.taboola.com/1344021/trc/3/json?tim=1670537586377&data=%7B%22id%22%3A431%2C%22ii%22%3A%22%2Fname%2Fartsforallpdx.org%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670537586367%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670537586377%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.193.44

200 OK

0 B

URL HTTP/2
trc.taboola.com/1344021/trc/3/json?tim=1670537586377&data=%7B%22id%22%3A431%2C%22ii%22%3A%22%2Fname%2Fartsforallpdx.org%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670537586367%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670537586377%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1344021/trc/3/json?tim=1670537586377&data=%7B%22id%22%3A431%2C%22ii%22%3A%22%2Fname%2Fartsforallpdx.org%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670537586367%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670537586377%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fartsforallpdx.org%3Flp%3Dd%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 22:13:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670537588.601010,VS0,VE100
vary: Accept-Encoding
x-vcl-time-ms: 100
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token

54.230.111.42

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token
IP
54.230.111.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/34987/domain/squadhelp.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Thu, 08 Dec 2022 22:05:15 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V6o-ImztvHABylYCgUkgfpbjK55bclmx8jsgV0b4gQQsPSPT_dqpLw==
age: 472
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/in.svg

104.22.53.96

200 OK

0 B

URL HTTP/2
www.squadhelp.com/html/static_images/in.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /html/static_images/in.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:35:59 GMT
etag: W/"6343148f-373"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951144
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7ddbdb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/youtube.svg

104.22.53.96

200 OK

0 B

URL HTTP/2
www.squadhelp.com/html/static_images/youtube.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /html/static_images/youtube.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:35:45 GMT
etag: W/"63431481-36d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951144
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7ddbeb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.squadhelp.com/static_images/approved-footer-2.svg

104.22.53.96

200 OK

0 B

URL HTTP/2
www.squadhelp.com/static_images/approved-footer-2.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static_images/approved-footer-2.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Sep 2022 17:47:30 GMT
etag: W/"63333732-14e52"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951145
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a72d08b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.squadhelp.com/html/static_images/icon-search.svg

104.22.53.96

200 OK

0 B

URL HTTP/2
www.squadhelp.com/html/static_images/icon-search.svg
IP
104.22.53.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /html/static_images/icon-search.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/a03b7d742d634005005d8afc9c5eff3b.css
Cookie: __cf_bm=Rjz.29WnFGN7rJuQMe3CUMFW7UY3nX2.6npyVTmZ1IY-1670537585-0-AfXylef3u/01Eo4/f+N6Bvs8tVelCxHGgY/8by/Bb/kaKQd730AQ8uF4UVlvePXzIUuc+UgPrA/CeM6ZjvFFX2g=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:13:05 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Oct 2022 18:35:59 GMT
etag: W/"6343148f-456"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 3951145
vary: Accept-Encoding
server: cloudflare
cf-ray: 7768d8a7cdb3b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.43/clarity.js

13.107.246.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9082948124e4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0Cw+SYwAAAABSSno95Ts3SIZgm9AMvk8DQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0c2GSYwAAAAA1+GqRFsS9TpzQ5n9p+oPRU1ZHMjBFREdFMDUxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 08 Dec 2022 22:13:07 GMT
X-Firefox-Spdy: h2

www.artsforallpdx.org/

172.67.171.154

301 Moved Permanently

0 B

URL HTTP/2
www.artsforallpdx.org/
IP
172.67.171.154:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.artsforallpdx.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 22:13:04 GMT
content-type: text/html
location: https://www.squadhelp.com/name/artsforallpdx.org?lp=d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzuzEGsXG5vc%2Bi5xpmCsMHWy4deE3eBP%2Bw9zRINelh3hlAvcweNG0UCPWaAKjjfwvJPt8BztJzb6%2Bfh8r6jTRAV3bOzjVTgA07YqyrmQ6Q7aqmeIjNVh3fzyehZl22Wa%2Bye7IMOSSVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7768d89b69930afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (62)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations