terrout7.biz/
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: terrout7.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Dec 2022 09:42:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Dec 2022 10:42:23 GMT
Location: https://terrout7.biz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL7fvF4Foa1Db7q0LRNeuK1CtAAG%2BIEO9l44ZWkY0HHEqUOdZ1OL8zlHidaHsLxcT8%2FbzYA%2Bcf1vHvWwRFbEeYd5Ymr5brdmSLY8s6UfH0g0Qjgox%2BmrgxxvGGqIqGU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b6f2bf7819b512-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3748
Expires: Sun, 18 Dec 2022 10:44:52 GMT
Date: Sun, 18 Dec 2022 09:42:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5937
Expires: Sun, 18 Dec 2022 11:21:21 GMT
Date: Sun, 18 Dec 2022 09:42:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3845
Expires: Sun, 18 Dec 2022 10:46:29 GMT
Date: Sun, 18 Dec 2022 09:42:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 09:34:18 GMT
content-type: application/json
age: 486
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Dq/+v9h2faqUb0MVfN+aUn0KQa14s4pSKjT3g9AcLdqILsPPVhjbEJZfn5jKnfEY6ycgd+0qI8tI7Kg2gIJohg==
x-amz-request-id: CCAM517KF1K775XJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 08:54:02 GMT
age: 2902
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 09:42:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/RlAf78TXljE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/RlAf78TXljE
IP 142.250.74.131:0
Hash 52b0b1594315ce9d09e2707016c7358c
ad8b17ac92fdfb369f41c037d89fdf6612bad14c
884322158cff5362b7320d691146c47c5646687695dbac4d0efdd0bb0f00d050
POST /s/gts1p5/RlAf78TXljE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/RlAf78TXljE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/RlAf78TXljE
IP 142.250.74.131:0
Hash 52b0b1594315ce9d09e2707016c7358c
ad8b17ac92fdfb369f41c037d89fdf6612bad14c
884322158cff5362b7320d691146c47c5646687695dbac4d0efdd0bb0f00d050
POST /s/gts1p5/RlAf78TXljE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4c9b22ffb6326ef8e8951de6b346f4c
4987c38fa7d5b39c0073235492b642873774cae4
2e70f3ed98f44f1b540b1cf6c3afae37f963f08d2b223cfd577a549cfc140d94
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2E70F3ED98F44F1B540B1CF6C3AFAE37F963F08D2B223CFD577A549CFC140D94"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sun, 18 Dec 2022 10:28:35 GMT
Date: Sun, 18 Dec 2022 09:42:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 09:33:23 GMT
age: 541
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3574
Cache-Control: max-age=87841
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:24 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 10:06:25 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.150.237101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.150.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 36cc6gk4DMaQaaoSgJNJSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UhrT3i/Wq+MSPbNLxX4erOtfppw=
www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2
172.66.42.241200 OK 20 kB URL HTTP/2 www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2
IP 172.66.42.241:0
File type Web Open Font Format (Version 2), TrueType, length 20100, version 1.0\012- data
Hash eb964ca850eecca0ccad41e2905742cc
5c07dcf2dc8a0cb41f79aa6242386ba3526518c0
46c3a9dd12310f604a7003f51fc8b81509f63bfda367f1d537854f0120ba30bc
GET /modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: application/octet-stream
content-length: 20100
last-modified: Mon, 12 Sep 2022 15:01:34 GMT
etag: "631f49ce-4e84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4759770
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2ccfb7bb52d-OSL
X-Firefox-Spdy: h2
www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2
172.66.42.241200 OK 13 kB URL HTTP/2 www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2
IP 172.66.42.241:0
File type Web Open Font Format (Version 2), TrueType, length 13440, version 1.0\012- data
Hash a2a67cca7e731eecd64d7689f6e58360
da6671f04a96bd5f39b3f3425d7ee101231f511f
abc04a100d9ffb66432cc6b85574582ac7d4da86d7eba38a699c605fe3086fbe
GET /modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: application/octet-stream
content-length: 13440
last-modified: Mon, 12 Sep 2022 15:01:37 GMT
etag: "631f49d1-3480"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4759770
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb75b52d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.squadhelp.com/html/html/static_images/instagam.svg
172.66.42.241200 OK 195 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/instagam.svg
IP 172.66.42.241:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3387)
Size 195 kB (194899 bytes)
Hash 529221b740e0305efd31fbf3269b6d67
7accd9377776fe4a2cb36d4c06f76d4f58149dc7
dd3e86f5032003f19fa88b9fd76ede9d3ee605e488e1c88f6ab8d9fdc272fcce
GET /html/html/static_images/instagam.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:21 GMT
etag: W/"6345b421-da3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb71b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
172.66.42.241200 OK 44 kB URL HTTP/2 www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
IP 172.66.42.241:0
File type Unicode text, UTF-8 text, with very long lines (51153)
Hash 685b088d190e46fd7aa027396c1ffd2c
53a4f6bf85cfc638742c63d49a9bf909d826b950
72bf5533c0ee1cd7702d102b6f7ec81b8faa155be6086d09ffd774d48b404fa1
GET /var/038bad14a99efd36d54b91f92256d7c4.css HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/terrout7.biz?lp=d
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:25 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2022 18:26:17 GMT
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 202710
server: cloudflare
cf-ray: 77b6f2cc5aa1b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget.intercom.io/widget/ld9mkn53
54.230.111.53200 OK 6.2 kB URL HTTP/2 widget.intercom.io/widget/ld9mkn53
IP 54.230.111.53:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash aa7f58a8c2a83b87b2229409862da267
01a36c35934ffce6c775c515186634273cd92be1
245865f9c0b6043d8e141e2428c3b8dcb7f3ba429d0674a2c1acccdca6e1827a
GET /widget/ld9mkn53 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6171
last-modified: Fri, 16 Dec 2022 14:55:22 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: PNu2LMqMTe3qS0LCJoKAp3IxPa9Jn9oK
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Dec 2022 09:30:05 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "aa7f58a8c2a83b87b2229409862da267"
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: K_p1Yl_UPLoRft8Mgx-_OhxPP052v672dqAMjx9LHvF85NW1FFLUeQ==
age: 833
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2650
Expires: Sun, 18 Dec 2022 10:26:36 GMT
Date: Sun, 18 Dec 2022 09:42:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2650
Expires: Sun, 18 Dec 2022 10:26:36 GMT
Date: Sun, 18 Dec 2022 09:42:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmeWRYIlUMCR8Nds0-n0a9ju0ySR7ZuTAS82Lu8sZxPXQpBJkqzvww==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:52:21 GMT
age: 42605
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 43520
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F784b33ef-7983-46bb-9758-beb8b0593d31.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F784b33ef-7983-46bb-9758-beb8b0593d31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3a2d422a57f1136e204524834143a2f
34c817327586272e8a6145d66ea94ff64a6516f6
fca96a776039d1849686e14b35ff9abd8df5840258d30a2cbb90abeccae6362d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F784b33ef-7983-46bb-9758-beb8b0593d31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 71031d93-d8e8-4283-a6fc-b7d5cba06ee9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2tjFCkoAMF0tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e37f0-09aef00c4fdb703a282676a8;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:43:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jF5QEL373s6PG5rTKegMkKAJtgikeC4wECdL_zbJEbNii40vQ2wmQA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:10 GMT
etag: "34c817327586272e8a6145d66ea94ff64a6516f6"
content-type: image/jpeg
age: 42496
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JecluZu8ExMmP-UHM8QbK-bjm_yqULU1tl2QQDfKMea8NHM6y2JI7g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 43520
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4a5f117-9f4b-424b-9fa6-90cc78f66709.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4a5f117-9f4b-424b-9fa6-90cc78f66709.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6272c50d983ad7a1dc4ffdac8af30bd3
f85d27fe6f179b734ebc693de64ad2c94ad4cf13
fdb3764c309f38b2b7d4fc0020897f011daad7ce120dace7dffeaaaed6ffdc98
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4a5f117-9f4b-424b-9fa6-90cc78f66709.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7839
x-amzn-requestid: 173ca9af-c95f-4a33-a9af-ca2df02168f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11nFC0IAMFl-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e368a-276da17e300ced9a5ee66b65;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wtUgpUFQ5mFblne0aNFiHboQ7QkW0OE3fBIpYjwRTKOFDyEs2kigjQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:28 GMT
age: 42478
etag: "f85d27fe6f179b734ebc693de64ad2c94ad4cf13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf66930-95e3-4a55-8010-b1b6ca56bb72.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf66930-95e3-4a55-8010-b1b6ca56bb72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72e6e854c47d50c6eb07f491ac9ecc3b
067e0a350aaf1a509e8263f38191394e2fa1ee8f
cc6c3dff5dd6da8b61a4891a4c8ebb441fb37bd45af06520bc32d025d276a0f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf66930-95e3-4a55-8010-b1b6ca56bb72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11961
x-amzn-requestid: 58d907ec-0831-48ff-bd18-92b1f364190f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2PeF__oAMF2lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e372f-1c97663c43ee7c5552e3a6f9;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:39:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uzlYcLMD0Q7UOHq2PSorqX5sCd-EuxB1LIKHLQeD5CusFroqIUVNRA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:10 GMT
age: 42496
etag: "067e0a350aaf1a509e8263f38191394e2fa1ee8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.d865146a.js
54.230.111.84200 OK 108 kB URL HTTP/2 js.intercomcdn.com/vendor.d865146a.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (65431)
Size 108 kB (108301 bytes)
Hash fc79a940f2d0bedfbad37175a6cb560d
5ee39ee9c18599ddbcfa5a16fb57e29b33981cc5
d85b3f8a1d06c12b798bc6818485cadc9ad88d9fa88a9bba5891529aadbc325f
GET /vendor.d865146a.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108301
last-modified: Fri, 16 Dec 2022 14:53:47 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: TAytPXFSwMftjrJJIyXd4wbPcT5Mt5DX
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Dec 2022 07:59:44 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "fc79a940f2d0bedfbad37175a6cb560d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yCDXiCzxuTOItyUxP1vgCVmLE8wqxQ4YLgnHyjuunksJ_f1ytIpmoQ==
age: 6163
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 719b94539e86beb51ab698f5c971523c
5969c3f8d7e56ba39baaca5b02d013427b033244
0e039398166a8dd7815ce996ce53b367eb311404f2519cfcd2522e76d6bd3285
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115297
Date: Sun, 18 Dec 2022 09:42:26 GMT
Etag: "639ded5b-1d7"
Expires: Mon, 19 Dec 2022 17:44:03 GMT
Last-Modified: Sat, 17 Dec 2022 16:24:59 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NKVR--aTaw1qWKtA8VoMCXbJV6qPDclPnbFoJ1SRJDxrueuNtN_nMA==
Age: 4744
cdn.jsdelivr.net/npm/search-insights@1.3.1
151.101.129.229200 OK 2.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/search-insights@1.3.1
IP 151.101.129.229:0
File type ASCII text, with very long lines (10262)
Hash f66557a8cde2590db029b6b8304378db
11bbbcd7974761b20ec50d17f4049977315d9d08
9ab7d5c8a5762c81158601720fd131bef233a57193e6daaa8d1ad26e5912f1d3
GET /npm/search-insights@1.3.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.3.1
x-jsd-version-type: version
etag: W/"2817-FGLI0cv/s1qAA3nM5zLdFEpck2Q"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:26 GMT
age: 5023036
x-served-by: cache-fra-eddf8230023-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2870
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.193.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.193.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:26 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 5068a12482cc4ba60e6d37f6a4201d1f
802489795c93d356db18591ba2defd61ffed33ae
77e057b3772327fc28263b0b1239c465aba84309630c9e1b036eef58907ad08b
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 09:42:26 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C1652658E8EA1236909D8B1D4B1B2AF1CA4EECCA"
Expires: Sun, 18 Dec 2022 21:00:00 GMT
Last-Modified: Sun, 18 Dec 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1224
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b6f2cffd921c02-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4b52557e87a641dd1ec487b0cc1bbef1
02d1bc0aa0cedab430cf79912ca16a04c56a4aaf
53250f4fd0da002031012d020d2be316b3c052e4423e2c920c0072344514ad91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53250F4FD0DA002031012D020D2BE316B3C052E4423E2C920C0072344514AD91"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11615
Expires: Sun, 18 Dec 2022 12:56:01 GMT
Date: Sun, 18 Dec 2022 09:42:26 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ec599551b182b956471adbd740301ea0
deea165574606b3eafa812d2394baabef27766da
311aa3e7e22960380b6be4ce74be67693e881807233d1eaca55af387b1210526
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95679
Date: Sun, 18 Dec 2022 09:42:26 GMT
Etag: "639dacc1-1d7"
Expires: Mon, 19 Dec 2022 12:17:05 GMT
Last-Modified: Sat, 17 Dec 2022 11:49:21 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: olQh4d_WTXqH0G28wEGcShPsj0kwsN8gBVejTj16AY1d3fYg6-0jeQ==
Age: 1664
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash d67c3dd82dcc82c5014d896c377bf4cb
5d2722e12de4d9049527b547cb7f3e178fc87fb1
2e1ee4714410e2b47f3979d82fb129f697832d16665dfbd7efeefc07306836ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113986
Date: Sun, 18 Dec 2022 09:42:26 GMT
Etag: "639deeda-1d7"
Expires: Mon, 19 Dec 2022 17:22:12 GMT
Last-Modified: Sat, 17 Dec 2022 16:31:22 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8um4oc9c8eoJ2B3ocFRRzdrMuwMSREpBQZrYoIo2rX6WQbJboi8KAw==
Age: 3050
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f212f0df1d985ad994965d3f4097b8d4
378030f8b6a84ba14219057fa9f2cc0ff478852d
2642b20a8e73f0524c25c0652a2f4d1f76eb5cfbff58e7af5732ed80b9988204
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3897
Cache-Control: max-age=114796
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:26 GMT
Etag: "639deeb5-2d7"
Expires: Mon, 19 Dec 2022 17:35:42 GMT
Last-Modified: Sat, 17 Dec 2022 16:30:45 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 727
script.fixel.ai/config/FXL-1150-2383.json
54.230.111.89200 OK 0 B URL HTTP/2 script.fixel.ai/config/FXL-1150-2383.json
IP 54.230.111.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 18 Dec 2022 09:37:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Et35TrQSCf6B3WNNdsoP_MjOGvemjii-ejj4vqE7ikTOIHOvhSciGQ==
age: 291
X-Firefox-Spdy: h2
script.fixel.ai/config/FXL-1150-2383.json
54.230.111.89200 OK 152 B URL HTTP/2 script.fixel.ai/config/FXL-1150-2383.json
IP 54.230.111.89:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 651a6d3ba7143f83f44261232093a38c
43e11c4cc441663daf605df0414947c8756f2155
7a5cfb625e89e99af010b95040c9b9fdd6f518b9b87da64206c00fbb120933d1
GET /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 152
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 01 Feb 2021 10:13:36 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VlbH.UIcLlGlg9QOIym1wMb.PKZS9R_3
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Dec 2022 09:41:43 GMT
etag: "651a6d3ba7143f83f44261232093a38c"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DtNm42QYKP4nCJhwzCVYQytcVix-VhbxZzyw_KFBqGSIQ4tdspuDMA==
age: 44
X-Firefox-Spdy: h2
q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
52.72.186.224200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
IP 52.72.186.224:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Sun, 18 Dec 2022 09:42:26 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,b38c49f57853bade15fd048172a59372,10.0.0.120,23238,91.90.42.154,,87368277985,1,1671356546.783,0.002,,.,0,0,0.000,0.004,-,0,0,197,188,94,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 496d96f69203ab6ad46a661482df3c81
1e09de48fbd4df599eab45d9339ebf6cee9825d7
b43e2510e05b3ca9adfc47f8526c71c732b3f530bd1ecec189a21b777f131498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2731
Cache-Control: max-age=107179
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Etag: "639dd583-1d7"
Expires: Mon, 19 Dec 2022 15:28:46 GMT
Last-Modified: Sat, 17 Dec 2022 14:43:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.194.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lx7LUNyC193WWpSv5hW/L7UEeNSlDwufm33KpA2sv5a1ht8efI/6s62/R2OVbNZKkoG/gUHXaFI=
x-amz-request-id: VK0V8BCV38T7WVVS
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1830
x-timer: S1671356547.118708,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 18 Dec 2022 09:34:02 GMT
expires: Sun, 18 Dec 2022 11:34:02 GMT
cache-control: public, max-age=7200
age: 505
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14872
date: Sun, 18 Dec 2022 09:42:27 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 18 Dec 2022 10:02:27 GMT
Date: Sun, 18 Dec 2022 09:42:27 GMT
Content-Length: 5269
Connection: keep-alive
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 04wKJByUt7fAyJNZ7gy+U3KZiJmaIjMFoKX55uV/s9nR7hES8IsPKP8a8qpiINmwD6aym94JuLMDTdND4yDpFw==
content-length: 27298
x-fb-trip-id: 1904183273
date: Sun, 18 Dec 2022 09:42:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash b77f77f4f821a11c0a501be8d6a19659
7bba3d65db27d7c0e050bbf2294021433221de5d
e80b6b1a2f792de4681310088abf8d9172a81ee10a54965c8eb602fae2d92319
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11472
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=21328D746288680B0CC49F0A637D6950; domain=.bing.com; expires=Fri, 12-Jan-2024 09:42:27 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BAABB13B27D745A3ACB610873E81378A Ref B: OSL30EDGE0216 Ref C: 2022-12-18T09:42:27Z
date: Sun, 18 Dec 2022 09:42:26 GMT
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1344021/tfa.js
151.101.129.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1344021/tfa.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (58953)
Hash b4a930997a76472d072bcfa0cc0d9067
79de024d59e771be1db739f29c40f00e2aecd9f9
e7df05a24c9904b557c23c39629e0a595dfec1e8c7f586f723ce4cac509db0ee
GET /libtrc/unip/1344021/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: scksawFnZQjXDyjHxe1BJHYjQp9rFEC+k4bN8nYqZbrAJI0TH1VctjAjeaZOIphzP7G1UN+K5Nk=
x-amz-request-id: QCY0B36Q9EGDGHPZ
x-amz-replication-status: PENDING
last-modified: Sun, 11 Dec 2022 11:37:03 GMT
etag: "b3f54aba1d1b5670679a64c61aa84291"
x-amz-version-id: Eov39P7hP3kH8xqQX.ZCQVgQUB5HQSXP
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
via: 1.1 varnish
age: 98
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1671356547.159146,VS0,VE2
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 17
content-length: 18111
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542888&cv=11&fst=1671356542888&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4
216.58.207.226200 OK 892 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542888&cv=11&fst=1671356542888&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (1895), with no line terminators
Hash bced8f8e433a296c928ba1cfe67bac75
ea592f4537de88d0304a305f6e3d11f512dce2a2
8ab8ca57d3219f79faa0efa6f76ea952c29598ab1292761d6572a9e4f2063850
GET /pagead/viewthroughconversion/1030947153/?random=1671356542888&cv=11&fst=1671356542888&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 892
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Dec-2022 09:57:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356543064&cv=11&fst=1671356543064&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.226200 OK 887 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356543064&cv=11&fst=1671356543064&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (1885), with no line terminators
Hash 199c4742073aa9a7d6d1461dbef3ed47
2b6d831755df701c8d291dd18b65abfc638a3028
913229e069eab88ea220a3ca22192dac9c2cde651abf34134af4542ea68cb420
GET /pagead/viewthroughconversion/1030947153/?random=1671356543064&cv=11&fst=1671356543064&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 887
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Dec-2022 09:57:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 953635cff82596ecfcbd7ff83474031a
5ea2fa051d49d203df6582bc273639a90348f8d2
bb63f27f12c917fccddd13680972fc6e12a8e0e4dcb9b9340f7f911c8b1db9ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542943&cv=11&fst=1671356542943&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=dynx_pagetype%3Dother&rfmt=3&fmt=4
216.58.207.226200 OK 887 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542943&cv=11&fst=1671356542943&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=dynx_pagetype%3Dother&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (1889), with no line terminators
Hash 60ae6ff0a6e165a35aaec950c6790d04
b89b90feb62c2475dabe0e20736fc765c1289dc9
b4ac62caf6b65b0b80cc9cbf8ba925c39672c11174e1df87b97db2da5c428627
GET /pagead/viewthroughconversion/1030947153/?random=1671356542943&cv=11&fst=1671356542943&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&data=dynx_pagetype%3Dother&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 887
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Dec-2022 09:57:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542913&cv=11&fst=1671356542913&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&rfmt=3&fmt=4
216.58.207.226200 OK 918 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542913&cv=11&fst=1671356542913&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (1916), with no line terminators
Hash d265601e761e727a1a3030f5e8d93b7d
900e7cdcb76b3f408bf60428be48a3b30efff9ec
82dc15718f3f5651032018e66f4329f7519f8372ed0da02583593709e9058afe
GET /pagead/viewthroughconversion/1030947153/?random=1671356542913&cv=11&fst=1671356542913&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&auid=325113349.1671356543&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 918
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Dec-2022 09:57:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 496d96f69203ab6ad46a661482df3c81
1e09de48fbd4df599eab45d9339ebf6cee9825d7
b43e2510e05b3ca9adfc47f8526c71c732b3f530bd1ecec189a21b777f131498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2731
Cache-Control: max-age=107179
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Etag: "639dd583-1d7"
Expires: Mon, 19 Dec 2022 15:28:46 GMT
Last-Modified: Sat, 17 Dec 2022 14:43:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&ct_cookie_present=1
216.58.207.226200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&ct_cookie_present=1
IP 216.58.207.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Dec-2022 09:57:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.132302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.132:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1030947153/?random=1671356542903&cv=11&fst=1671356542903&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&value=0&bttype=purchase&auid=325113349.1671356543&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.fixel.ai/script/Fixel.min.js
54.230.111.89200 OK 7.1 kB URL HTTP/2 script.fixel.ai/script/Fixel.min.js
IP 54.230.111.89:0
Hash fd613c64697209c028cc91bce57b19c7
d1bdcbddcc9e3c351925c53b93f89d7b8c039fa8
beb55831be25e7f383ef7ceeda9af300f5571f9bccfa12e62640b6ee5bdab7ee
GET /script/Fixel.min.js HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 31 May 2021 09:44:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qn3ku6T2KTYfiw1ZK.qbHtFFDfyG1XJc
server: AmazonS3
content-encoding: gzip
date: Sun, 18 Dec 2022 09:35:00 GMT
etag: W/"bd757ff2fd05d44091740f66680801be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NIbotdmrV34hOyyDpbeA6ztU2NMowOyQv3mbZ1v_YjKENDlJD9Qp0w==
age: 534
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oebu0&_p=1600385112&cid=1472833770.1671356543&ul=en-us&sr=1280x1024&_s=1&sid=1671356543&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&dt=terrout7.biz&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oebu0&_p=1600385112&cid=1472833770.1671356543&ul=en-us&sr=1280x1024&_s=1&sid=1671356543&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&dt=terrout7.biz&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VJ36JWQDE1>m=2oebu0&_p=1600385112&cid=1472833770.1671356543&ul=en-us&sr=1280x1024&_s=1&sid=1671356543&sct=1&seg=0&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&dt=terrout7.biz&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.squadhelp.com
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 979275c87c114587692cb1537164df18
bed8c19283060efbf8f40bed49d6eb3071e25ca3
de69070638cba76a70d0e31f3ddfdea627e35082b32c73b0baa1ac4282f93dcd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1053
Cache-Control: max-age=95394
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Etag: "639dae08-139"
Expires: Mon, 19 Dec 2022 12:12:21 GMT
Last-Modified: Sat, 17 Dec 2022 11:54:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3678c5342a3531674497fcd352df920f
09b27f9ff55b24fcfeec5b40eda7f7241bed4744
ab7010b756af09494729823f35fdcc785a969ef991fa7a98b4b35db4bb11cb31
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 18 Dec 2022 09:42:27 GMT
Last-Modified: Sun, 18 Dec 2022 08:44:08 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XRGhfbHbl8UqdpDyC45kpC0vjjsM6QKJZpho9-Okz1ECA1PztJR_yQ==
Age: 3499
tags.srv.stackadapt.com/events.js
54.225.101.189301 Moved Permanently 65 B URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 54.225.101.189:0
File type HTML document, ASCII text
Hash f80e89783ec551e69632712d99fd2224
a760361995b52b09f655a2bb469d7dd464619692
c052ddf9a69031b36e27713dfc2ca1d3494de9e0436c5bb35d17d92dac2c61bd
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Date: Sun, 18 Dec 2022 09:42:27 GMT
Location: https://qvdt3feo.com/events.js
Content-Length: 65
Connection: keep-alive
t.co/i/adsct?bci=3&eci=2&event_id=c55fdc1e-9877-4a65-b0f5-1030a33d53c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2825505f-82c6-4855-bd11-0f9a66f90fad&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=c55fdc1e-9877-4a65-b0f5-1030a33d53c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2825505f-82c6-4855-bd11-0f9a66f90fad&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=c55fdc1e-9877-4a65-b0f5-1030a33d53c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2825505f-82c6-4855-bd11-0f9a66f90fad&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:27 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=209da7d8-ccfa-4cab-ba14-055160873fe7; Max-Age=63072000; Expires=Tue, 17 Dec 2024 09:42:27 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 17360f4c7f50232b
strict-transport-security: max-age=0
x-response-time: 112
x-connection-hash: fa050bff44c2c72002b889c33be4b3f82d0da5a01a8c4c2f1bd3f985cd01c556
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/squadhelp.com/config.json
147.185.239.229200 OK 158 B URL HTTP/2 cdn.acsbapp.com/cache/app/squadhelp.com/config.json
IP 147.185.239.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e7543a849acc2620e64449f28ef16057
5985f13c7fc04637a66135d83243d7b903571471
56417a85f8d4ed2a1d200fa9d6abdfb1f13a15925aeb36226b3a09ed05c4d3ee
GET /cache/app/squadhelp.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 19 Dec 2022 09:42:27 GMT
content-type: application/json
last-modified: Sun, 18 Dec 2022 09:40:15 GMT
etag: "9e-639edfff-1f9a3f4dafef36ef;;;"
accept-ranges: bytes
content-length: 158
date: Sun, 18 Dec 2022 09:42:27 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/en.build.json
147.185.239.229200 OK 26 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP 147.185.239.229:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash abe777217b66445d97e5775181e2e6e4
6bfc31e964a94fb675aa2324019d927511dcb4c4
3ccefebf91b0c101a0d862bb0a0a383abeab6b79abc0337aaa3c446915df8f1c
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 19 Dec 2022 09:42:27 GMT
content-type: application/json
last-modified: Tue, 13 Dec 2022 15:28:04 GMT
etag: "3b8a8-63989a04-f03db16b0f9f2ad8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25890
date: Sun, 18 Dec 2022 09:42:27 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
js-agent.newrelic.com/290.2d6a2503-1220.js
151.101.194.137200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: fhmr6WetDM+g2i2QlvVMRpxUR5FtkKdG9L63CCQ3CSWsvtR6j++f9vvc73sttpIYqURa2xyYTRk=
x-amz-request-id: VK0ZFWF8T6343F8V
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1830
x-timer: S1671356548.833631,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.194.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kwoAxcBtx2IMbi3IHVdur3TxF/StXF2YgQ/J5F/J0LqxQRcevbbS10v8PBtCq89jFlCdbzEZt0Y=
x-amz-request-id: VK0S7FDBAB0EX9VY
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1835
x-timer: S1671356548.833866,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
www.clarity.ms/tag/3xq9rdybkj
13.107.246.53200 OK 3.2 kB URL HTTP/2 www.clarity.ms/tag/3xq9rdybkj
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 732a3a1717292e3b8da556a024c3ed04
ccf2cd7f6afabc276f564576f2e739fcc5f68c12
fd7d64f553522febd943492c9d07d039aeda13875251ca74c29866cd7df88103
GET /tag/3xq9rdybkj HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=0a4579fd3b304be7af07c32f042d95aa.20221218.20231218; expires=Mon, 18 Dec 2023 09:42:27 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0g+CeYwAAAADw8bmx8Y6xTLS+3z9+3ISBU1ZHMjBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 18 Dec 2022 09:42:26 GMT
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/facebook.svg
172.66.42.241200 OK 21 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/facebook.svg
IP 172.66.42.241:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (960)
Hash f72dd3f204b92254118f3e9e7fe34c30
bb07b9357c5250cb99a46ffa9ec90327c30e3531
7984f8b500ffabf01a87ccd975ebd9e4330428dc2d99b2e65044cea8805cb102
GET /html/html/static_images/facebook.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:11 GMT
etag: W/"6345b417-428"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb6db52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.194.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: n5W3M8HU3EdwDhPARC2iiAf1as95kdLfrN2+qdL0W35SMVzIqjIlMR9W7ck8oTAzeIw6lrJi5fM=
x-amz-request-id: VK0MRM6MJ78HXF3Y
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1825
x-timer: S1671356548.834179,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.62585573.js
54.230.111.84200 OK 44 kB URL HTTP/2 js.intercomcdn.com/frame.62585573.js
IP 54.230.111.84:0
Hash b4f11cf5673d1d89bfd4459323df2dfa
b5732d220070884dd9fc898c54f0c57220b4d25c
d726db1997f2cd437ce3842956ab7d973fb4842a9daeb4a88b1c03d8ab9011fb
GET /frame.62585573.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138724
last-modified: Fri, 16 Dec 2022 14:53:47 GMT
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: eZ8NC8h1a4GccSvel1URVuujmGGcUQ1_
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Dec 2022 08:57:50 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "06b109ba924739bf79781f647c8f7387"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xACCV7rOZ-OsBUAnPefsag4cuwpAoZFgXMmGz-8ra2n1OlmEkqQEZg==
age: 2677
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=abb0ebcc-9ed7-48b6-a5f7-cc461f202745&sid=4650cc007eb811edb5b4af529a1c54ca&vid=4650e0d07eb811edac5e8d38c3a980f0&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=terrout7.biz&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&r=<=2334&evt=pageLoad&sv=1&rn=984097
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=abb0ebcc-9ed7-48b6-a5f7-cc461f202745&sid=4650cc007eb811edb5b4af529a1c54ca&vid=4650e0d07eb811edac5e8d38c3a980f0&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=terrout7.biz&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&r=<=2334&evt=pageLoad&sv=1&rn=984097
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=abb0ebcc-9ed7-48b6-a5f7-cc461f202745&sid=4650cc007eb811edb5b4af529a1c54ca&vid=4650e0d07eb811edac5e8d38c3a980f0&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=terrout7.biz&p=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&r=<=2334&evt=pageLoad&sv=1&rn=984097 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3B02653E659B6DD91D327740646E6CDA; domain=.bing.com; expires=Fri, 12-Jan-2024 09:42:27 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC6755E7110040C889CB60861BA20B3C Ref B: OSL30EDGE0216 Ref C: 2022-12-18T09:42:27Z
date: Sun, 18 Dec 2022 09:42:26 GMT
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/twitter.svg
172.66.42.241200 OK 87 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/twitter.svg
IP 172.66.42.241:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1241)
Hash f995e93b13ecbe3027f1ed273e6c1885
69f1b7ce24ded80e3b5dbe610fded1fc024c1624
baaeac61579c425f8dbba18279457d36161a4df08b2175ef1e9a665f3ab0c01b
GET /html/html/static_images/twitter.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:31 GMT
etag: W/"6345b42b-541"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb6fb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
147.185.239.229200 OK 0 B URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 147.185.239.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 19 Dec 2022 09:42:26 GMT
content-type: application/x-javascript
last-modified: Wed, 14 Dec 2022 13:48:10 GMT
etag: "6befc-6399d41a-c314fde16ec6c1b8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 143474
date: Sun, 18 Dec 2022 09:42:26 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 930561165513f29e4de0edfdee146257
09a884c2154b168ec1d744bda3431894ba11770f
959f0dbc3a2ec9adfe34b95d47a200fe61e50276c5a01a43d99f10e085c4d1f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2143
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:27 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:44 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 314
www.google.no/pagead/1p-user-list/1030947153/?random=1671356542913&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&fmt=3&is_vtc=1&random=1106549913&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1671356542913&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&fmt=3&is_vtc=1&random=1106549913&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1671356542913&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=Jf_hCIzXoNECENGCzOsD&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&fmt=3&is_vtc=1&random=1106549913&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1671356543064&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2607716323&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1671356543064&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2607716323&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1671356543064&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2607716323&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1671356542943&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=3374117112&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1671356542943&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=3374117112&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1671356542943&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=3374117112&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1671356542888&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3891874194&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1671356542888&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3891874194&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1671356542888&cv=11&fst=1671354000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tiba=terrout7.biz&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3891874194&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 09:42:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
18.211.24.223200 OK 1.7 kB URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 18.211.24.223:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4013), with no line terminators
Hash baa0aa646ac325c47fcb9032bc4766a3
88280759c7ac59d1fdd622aed8b98feb6c0ef7f4
b84b7e5efed46e9bbde1d227723cb0baa3f4b7c9158171b6e5c9587e19f844dc
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 370
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:27 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1671356550
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13319
access-control-allow-origin: https://www.squadhelp.com
vary: Accept,Accept-Encoding
x-intercom-version: 661ef1ec88e2ba508528767c8ae05b45cc535d15
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 001ggn49u09rquekkfrg
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"30a54446daef90a8c54bb5765a77193c"
x-runtime: 0.307724
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-074a0e3d190148fe9
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1671356543641%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fterrout7.biz%253Flp%253Dd%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJanFCbAoNnTQAAAYUknQOWon8zCqzyB9UGofApbSi-5xo9vW2bDjetBl2RK-mYFMUKO5JhPOFodQ; Max-Age=2592000; Expires=Tue, 17 Jan 2023 09:42:27 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIJLbX5XfMX0AAAAYUknQOWJLHamNRaOmyFIb_BPHftnQpExlIkutKZpDMcsi72KEKJJr7KCb3bl6AGmtHllA; Max-Age=2592000; Expires=Tue, 17 Jan 2023 09:42:27 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&43c8d07b-9459-4432-81d2-b0a0c22329de"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 18-Dec-2023 09:42:27 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671356547:t=1671442947:v=2:sig=AQECVZuwffqWKHOdB4-G-NEBckl411eN"; Expires=Mon, 19 Dec 2022 09:42:27 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXwFwVV4k8lrMH3xgQlgw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CD701185D041448F93CD85984B9272CD Ref B: OSL30EDGE0517 Ref C: 2022-12-18T09:42:27Z
date: Sun, 18 Dec 2022 09:42:27 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&RedC=c.clarity.ms&MXFR=05C3FE2D1757636D017CEC5313576DFB
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=05C3FE2D1757636D017CEC5313576DFB; domain=.clarity.ms; expires=Fri, 12-Jan-2024 09:42:28 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 18 Dec 2022 09:42:27 GMT
content-length: 0
X-Firefox-Spdy: h2
bat.bing.com/p/action/15226519.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15226519.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15226519.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0ED4CB1362AE6930023BD96D635B68DB; domain=.bing.com; expires=Fri, 12-Jan-2024 09:42:27 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 073B7DD58D394558952E0AB0EE8D90B7 Ref B: OSL30EDGE0216 Ref C: 2022-12-18T09:42:27Z
date: Sun, 18 Dec 2022 09:42:27 GMT
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b49960e5553708c26edd4e0fb002dc28
b623c90a0b716bba93a8dc3e97a70d24541097f7
edd197ade4633805cdc41f90b3fffb873e86de73777ab98dbfdc28b85017d675
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3545
Cache-Control: max-age=131387
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:28 GMT
Etag: "639e30e6-1d7"
Expires: Mon, 19 Dec 2022 22:12:15 GMT
Last-Modified: Sat, 17 Dec 2022 21:13:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b49960e5553708c26edd4e0fb002dc28
b623c90a0b716bba93a8dc3e97a70d24541097f7
edd197ade4633805cdc41f90b3fffb873e86de73777ab98dbfdc28b85017d675
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6144
Cache-Control: max-age=133986
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:28 GMT
Etag: "639e30e6-1d7"
Expires: Mon, 19 Dec 2022 22:55:34 GMT
Last-Modified: Sat, 17 Dec 2022 21:13:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c55fdc1e-9877-4a65-b0f5-1030a33d53c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2825505f-82c6-4855-bd11-0f9a66f90fad&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c55fdc1e-9877-4a65-b0f5-1030a33d53c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2825505f-82c6-4855-bd11-0f9a66f90fad&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=c55fdc1e-9877-4a65-b0f5-1030a33d53c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2825505f-82c6-4855-bd11-0f9a66f90fad&tw_document_href=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:27 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_Y4KI2WDTGu8CCR1Vc+B4oA=="; Max-Age=63072000; Expires=Tue, 17 Dec 2024 09:42:28 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 754a44970c020bb5
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 05c569c2748a633c5c818db94e9cb4d136e5148e213e17a75a6333e132f29102
X-Firefox-Spdy: h2
web1.acsbapp.com/apps/app/dist/media/logomono.svg
138.128.247.123200 OK 1.2 kB URL HTTP/2 web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP 138.128.247.123:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 18 Dec 2023 09:42:28 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Sun, 18 Dec 2022 09:42:28 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
64.202.112.255200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
IP 64.202.112.255:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 09:42:28 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 698f40f1ca4fb2b7974dda8ae897033c
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&optOut=false&bust=07473134006627892&referrer=
64.202.112.255200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&optOut=false&bust=07473134006627892&referrer=
IP 64.202.112.255:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&optOut=false&bust=07473134006627892&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 09:42:28 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 66f7c116ecd958047f84e79188351c17
content-encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 791bb22f8ba4f9992a8c234f95da0e13
8fc67947bc4eed5513ea6b938b1ecca28c708bb3
3b9282f60add600b269658ac4444b4dd986cd688fb7904caa002295a07db6d13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: max-age=137036
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 09:42:28 GMT
Etag: "639e4331-1d7"
Expires: Mon, 19 Dec 2022 23:46:24 GMT
Last-Modified: Sat, 17 Dec 2022 22:31:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token
IP 54.230.111.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/34987/domain/squadhelp.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.squadhelp.com/
Origin: https://www.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 18 Dec 2022 05:22:09 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D0szLn1k-w5pGxhGQ9aTcRi3n7aEbC-JZrC3a8CL928OM6aNUC_Dqg==
age: 15619
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&rl=&if=false&ts=1671356544497&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1671356544496.329321303&it=1671356543696&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&rl=&if=false&ts=1671356544497&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1671356544496.329321303&it=1671356543696&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&rl=&if=false&ts=1671356544497&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1671356544496.329321303&it=1671356543696&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 18 Dec 2022 09:42:28 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&RedC=c.clarity.ms&MXFR=05C3FE2D1757636D017CEC5313576DFB
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&RedC=c.clarity.ms&MXFR=05C3FE2D1757636D017CEC5313576DFB
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&RedC=c.clarity.ms&MXFR=05C3FE2D1757636D017CEC5313576DFB HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&MUID=359BA52FDBEF60B21570B751DA1A61A0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=359BA52FDBEF60B21570B751DA1A61A0; domain=c.bing.com; expires=Fri, 12-Jan-2024 09:42:28 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C64200C25B7E415A91ACD9D193219E25 Ref B: OSL30EDGE0216 Ref C: 2022-12-18T09:42:28Z
date: Sun, 18 Dec 2022 09:42:27 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=1472833770.1671356543&jid=2032441644&gjid=2119576486&_gid=1432117541.1671356544&_u=aDDAgEADQAAAAGAAI~&z=1845315389
209.85.233.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=1472833770.1671356543&jid=2032441644&gjid=2119576486&_gid=1432117541.1671356544&_u=aDDAgEADQAAAAGAAI~&z=1845315389
IP 209.85.233.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=1472833770.1671356543&jid=2032441644&gjid=2119576486&_gid=1432117541.1671356544&_u=aDDAgEADQAAAAGAAI~&z=1845315389 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Dec 2022 09:42:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=1472833770.1671356543&jid=452727071&gjid=191929532&_gid=1432117541.1671356544&_u=KDDAAEACQAAAACAAI~&z=13506107
209.85.233.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=1472833770.1671356543&jid=452727071&gjid=191929532&_gid=1432117541.1671356544&_u=KDDAAEACQAAAACAAI~&z=13506107
IP 209.85.233.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=1472833770.1671356543&jid=452727071&gjid=191929532&_gid=1432117541.1671356544&_u=KDDAAEACQAAAACAAI~&z=13506107 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Dec 2022 09:42:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&MUID=359BA52FDBEF60B21570B751DA1A61A0
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&MUID=359BA52FDBEF60B21570B751DA1A61A0
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=C3E674E181BE4100B2264B92FCEB77C0&MUID=359BA52FDBEF60B21570B751DA1A61A0 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
accept-ranges: bytes
etag: "ea79178b57ed91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 18-Dec-2022 09:52:28 GMT; path=/; SameSite=None; Secure;
date: Sun, 18 Dec 2022 09:42:28 GMT
content-length: 42
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1671356543641%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fterrout7.biz%253Flp%253Dd%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1671356543641%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fterrout7.biz%253Flp%253Dd%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1671356543641%26url%3Dhttps%253A%252F%252Fwww.squadhelp.com%252Fname%252Fterrout7.biz%253Flp%253Dd%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&efb4c8d2-d092-4435-8b8d-88df3920c884"; Domain=.linkedin.com; Expires=Mon, 18-Dec-2023 09:42:28 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221218094228d382cf11-56e4-497f-8d18-717dc1ba4fb6AQH3w8eYQ4UdbNL4cyRbIsj61-nxAnEf"; Domain=.www.linkedin.com; Expires=Mon, 18-Dec-2023 09:42:28 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzEzNTY1NDg7MjswMjGG3B5buMXjNiLv/v5B8SbrVXy5avl9wDadI8W+t5eA3g==; Domain=.linkedin.com; Expires=Fri, 16 Jun 2023 09:42:28 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2402:u=1:x=1:i=1671356548:t=1671442948:v=2:sig=AQF4Wz9T6N9daVRtjgSrcewo2AEIfhhy"; Expires=Mon, 19 Dec 2022 09:42:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXwFwVdB6sW0kRz1X9uHw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FD8A43DC04414788ADF88495D7B38EC8 Ref B: OSL30EDGE0517 Ref C: 2022-12-18T09:42:28Z
date: Sun, 18 Dec 2022 09:42:27 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a3cc76a8b2b38d5f74679e928839f0e8
4437ee175e3ac9507f65484ef3f100b917351960
05eb5f5be1d32fc6486c656198c10f57973965a39c9ce807944e58605e6cd33b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143484
Date: Sun, 18 Dec 2022 09:42:28 GMT
Etag: "639e5582-1d7"
Expires: Tue, 20 Dec 2022 01:33:52 GMT
Last-Modified: Sat, 17 Dec 2022 23:49:22 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jIneiIMknCOSZyaQr8EH_r_bOAY-H0AKNVn6lk_0MsvNVnmi4X6q3A==
Age: 6270
bam.nr-data.net/1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4153&ck=0&s=9c605ae118817835&ref=https://www.squadhelp.com/name/terrout7.biz&ap=337&be=2321&fe=104&dc=88&perf=%7B%22timing%22:%7B%22of%22:1671356540303,%22n%22:0,%22f%22:632,%22dn%22:638,%22dne%22:666,%22c%22:666,%22s%22:670,%22ce%22:695,%22rq%22:696,%22rp%22:2041,%22rpe%22:2042,%22dl%22:2054,%22di%22:2258,%22ds%22:2292,%22de%22:2295,%22dc%22:2314,%22l%22:2314,%22le%22:2334%7D,%22navigation%22:%7B%7D%7D&fcp=2259&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4153&ck=0&s=9c605ae118817835&ref=https://www.squadhelp.com/name/terrout7.biz&ap=337&be=2321&fe=104&dc=88&perf=%7B%22timing%22:%7B%22of%22:1671356540303,%22n%22:0,%22f%22:632,%22dn%22:638,%22dne%22:666,%22c%22:666,%22s%22:670,%22ce%22:695,%22rq%22:696,%22rp%22:2041,%22rpe%22:2042,%22dl%22:2054,%22di%22:2258,%22ds%22:2292,%22de%22:2295,%22dc%22:2314,%22l%22:2314,%22le%22:2334%7D,%22navigation%22:%7B%7D%7D&fcp=2259&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/a159e7928d?a=126710130&v=1220.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=4153&ck=0&s=9c605ae118817835&ref=https://www.squadhelp.com/name/terrout7.biz&ap=337&be=2321&fe=104&dc=88&perf=%7B%22timing%22:%7B%22of%22:1671356540303,%22n%22:0,%22f%22:632,%22dn%22:638,%22dne%22:666,%22c%22:666,%22s%22:670,%22ce%22:695,%22rq%22:696,%22rp%22:2041,%22rpe%22:2042,%22dl%22:2054,%22di%22:2258,%22ds%22:2292,%22de%22:2295,%22dc%22:2314,%22l%22:2314,%22le%22:2334%7D,%22navigation%22:%7B%7D%7D&fcp=2259&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 09:42:28 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77b6f2db8804b4fa-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1671356543641&url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f601af32-fb6f-40fd-8cf1-a33bdfc893fd"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 18-Dec-2023 09:42:28 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2402:u=1:x=1:i=1671356548:t=1671442948:v=2:sig=AQF4Wz9T6N9daVRtjgSrcewo2AEIfhhy"; Expires=Mon, 19 Dec 2022 09:42:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXwFwVgJZTJ6ALxa83v5A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D65EF07C7C794125B23A82803A8E89A5 Ref B: OSL30EDGE0517 Ref C: 2022-12-18T09:42:28Z
date: Sun, 18 Dec 2022 09:42:28 GMT
content-length: 0
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1149
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
date: Sun, 18 Dec 2022 09:42:28 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
54.225.101.189200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 54.225.101.189:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Sun, 18 Dec 2022 09:42:28 GMT
Content-Length: 27
Connection: keep-alive
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 140720
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
date: Sun, 18 Dec 2022 09:42:28 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=39&ssd=1&est=1671356543721&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1671356545282&vi=1671356543719&ri=e2a594c9ace208fdfb5ec8e3983bee37&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=39&ssd=1&est=1671356543721&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1671356545282&vi=1671356543719&ri=e2a594c9ace208fdfb5ec8e3983bee37&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=39&ssd=1&est=1671356543721&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1671356545282&vi=1671356543719&ri=e2a594c9ace208fdfb5ec8e3983bee37&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Dec 2022 09:42:29 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&t=terrout7.biz&tip=S9O5c8tJ-JUR6RQT9XFrHF-V6QTb62nYYCx4PtH-cso&host=https://www.squadhelp.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo
54.225.101.189200 OK 116 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&t=terrout7.biz&tip=S9O5c8tJ-JUR6RQT9XFrHF-V6QTb62nYYCx4PtH-cso&host=https://www.squadhelp.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo
IP 54.225.101.189:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9e29b9729014a4e6a0f9acf522daa07d
7ecad4e87388022ea224a8752b5ccf02aa3abcac
65d6fc76a8f26596cce60b33939093689c23e38cdc324343e82b3e7951ea84a1
GET /saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd&t=terrout7.biz&tip=S9O5c8tJ-JUR6RQT9XFrHF-V6QTb62nYYCx4PtH-cso&host=https://www.squadhelp.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.squadhelp.com
Content-Type: text/plain; charset=utf-8
Date: Sun, 18 Dec 2022 09:42:29 GMT
Set-Cookie: sa-user-id=s%3A0-eefa92f7-1203-436e-4aaf-6df681c763ca.a9TdqoAmFHSB56DdeLLJsUh%2BRpAJC21z2cfoYb3gZTo; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3A7vqS9xIDQ25Kr232gcdjyltaKpo.QrLPpn6FpUWWtD0wit1mWFGiJxtF3KQWrucnHHavK6s; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 116
Connection: keep-alive
cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token
54.230.111.78200 OK 713 B URL HTTP/2 cdn.linkedin.oribi.io/partner/34987/domain/squadhelp.com/token
IP 54.230.111.78:0
Hash 447451e55fa0e4eb0cfff1294b8a864d
ee199d3164ac20e7581af348f369cb30f83b0e97
8c86825003c47a5af4c44080d9bfd1b32172c50c90d6fb721e4c2d8e801eadf7
GET /partner/34987/domain/squadhelp.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 18 Dec 2022 09:23:31 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -KZYEgR1_iFH5ci2A68RTkbQmsd-j9LXvSS4KMNs--7hjfkJm-C9Pg==
age: 1137
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 476
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
date: Sun, 18 Dec 2022 09:42:30 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=39&ssd=1&est=1671356543721&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1671356548283&vi=1671356543719&ri=e2a594c9ace208fdfb5ec8e3983bee37&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=39&ssd=1&est=1671356543721&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1671356548283&vi=1671356543719&ri=e2a594c9ace208fdfb5ec8e3983bee37&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=39&ssd=1&est=1671356543721&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1671356548283&vi=1671356543719&ri=e2a594c9ace208fdfb5ec8e3983bee37&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squadhelp.com
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Dec 2022 09:42:31 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/in.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/in.svg
IP 172.66.42.241:0
GET /html/html/static_images/in.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:37 GMT
etag: W/"6345b431-373"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=NfxgxJNHp1g3J.wOdw_2ESGrtHy7gvJ4y_pDo9QOBws-1671356546-0-Aa_jqlLtx7qdPySDrGmNM5XbjRy3yU3Q7479BfB_p2qEqa3ZZL3SuxusWP9kyhgGFbNVncQuaRw9qqegWP_enBDH5kdzQad10ujGK5qhb7Bi"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=NfxgxJNHp1g3J.wOdw_2ESGrtHy7gvJ4y_pDo9QOBws-1671356546-0-Aa_jqlLtx7qdPySDrGmNM5XbjRy3yU3Q7479BfB_p2qEqa3ZZL3SuxusWP9kyhgGFbNVncQuaRw9qqegWP_enBDH5kdzQad10ujGK5qhb7Bi; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb72b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
trc.taboola.com/1344021/trc/3/json?tim=1671356543724&data=%7B%22id%22%3A759%2C%22ii%22%3A%22%2Fname%2Fterrout7.biz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1671356543719%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1671356543723%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.129.44200 OK 0 B URL HTTP/2 trc.taboola.com/1344021/trc/3/json?tim=1671356543724&data=%7B%22id%22%3A759%2C%22ii%22%3A%22%2Fname%2Fterrout7.biz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1671356543719%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1671356543723%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.129.44:0
GET /1344021/trc/3/json?tim=1671356543724&data=%7B%22id%22%3A759%2C%22ii%22%3A%22%2Fname%2Fterrout7.biz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1671356543719%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Flp%3Dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1671356543723%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fterrout7.biz%3Flp%3Dd%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A39%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Dec 2022 09:42:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1671356548.850123,VS0,VE131
vary: Accept-Encoding
x-vcl-time-ms: 131
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
13.107.246.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d91019fc767c9e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0vrydYwAAAAA4wOzLuwGkTYCaBpGUt4cpQU1TMDRFREdFMTkxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0g+CeYwAAAAA7bitdLOtOTruZ2NXRE2nXU1ZHMjBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 18 Dec 2022 09:42:27 GMT
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-heart.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-heart.svg
IP 172.66.42.241:0
GET /html/html/static_images/icon-heart.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:39 GMT
etag: W/"6345b433-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2ccdb56b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-hamburger.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-hamburger.svg
IP 172.66.42.241:0
GET /html/html/static_images/icon-hamburger.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:22 GMT
etag: W/"6345b422-c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2ccdb60b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-arrow-down-blue.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-arrow-down-blue.svg
IP 172.66.42.241:0
GET /html/html/static_images/icon-arrow-down-blue.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:43 GMT
etag: W/"6345b437-326"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 1941612
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb6cb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/youtube.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/youtube.svg
IP 172.66.42.241:0
GET /html/html/static_images/youtube.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:09 GMT
etag: W/"6345b415-36d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 410185
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb73b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.66.42.241:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/terrout7.biz?lp=d
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:25 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 12:21:11 GMT
etag: W/"6399bfb7-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cc5aa6b52d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 20 Dec 2022 09:42:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.squadhelp.com/static_images/approved-footer-2.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/static_images/approved-footer-2.svg
IP 172.66.42.241:0
GET /static_images/approved-footer-2.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/terrout7.biz?lp=d
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:25 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Sep 2022 17:47:30 GMT
etag: W/"63333732-14e52"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4770105
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cc5aa5b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
terrout7.biz/
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: terrout7.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 18 Dec 2022 09:42:24 GMT
content-type: text/html
location: https://www.squadhelp.com/name/terrout7.biz?lp=d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbxfE0c8%2Bu4FgFhXo0NI8gYUzWYKKNHLSaam9J8sbKIr1A9YG%2FWX%2FEMT4vfmQggY8PGhiVa3I6gIkDmhXQku3%2Fo8UB%2FRnTUioE5%2BqDzEH%2FgzdQpP2x%2FeBo%2BZLJZkRgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b6f2c20c6fb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.squadhelp.com/static_images/logo.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/static_images/logo.svg
IP 172.66.42.241:0
GET /static_images/logo.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/terrout7.biz?lp=d
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:25 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Sep 2022 15:00:45 GMT
etag: W/"631f499d-1321"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4770105
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cc5aa3b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-phone.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-phone.svg
IP 172.66.42.241:0
GET /html/html/static_images/icon-phone.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:38 GMT
etag: W/"6345b432-37c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 298692
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2ccdb4eb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
qvdt3feo.com/events.js
34.228.202.160200 OK 0 B IP 34.228.202.160:0
GET /events.js HTTP/1.1
Host: qvdt3feo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:28 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
X-Firefox-Spdy: h2
www.squadhelp.com/name/terrout7.biz?lp=d
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/name/terrout7.biz?lp=d
IP 172.66.42.241:0
GET /name/terrout7.biz?lp=d HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
endpoint: sh-live-next
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 09:42:25 GMT
set-cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=; path=/; expires=Sun, 18-Dec-22 10:12:25 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77b6f2c34ad6b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.66.42.241:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/name/terrout7.biz?lp=d
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:25 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 12:21:11 GMT
etag: W/"6399bfb7-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cc5aa7b52d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 20 Dec 2022 09:42:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-arrow-long-right.svg
172.66.42.241200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-arrow-long-right.svg
IP 172.66.42.241:0
GET /html/html/static_images/icon-arrow-long-right.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/038bad14a99efd36d54b91f92256d7c4.css
Cookie: __cf_bm=wb.OjoEdcs0UOVoBfmStedWIyFACDFdrBPxJHclB3YE-1671356545-0-AdxipZ6PUUiTp6TMC4HbvFgriwGPfKzlCzYMw7xdGpMu2HGBEiFMheoqw+DaH6YpczPG5f1CDyLqnqaFP8yRz24=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 09:42:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:41 GMT
etag: W/"6345b435-e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 443308
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b6f2cceb69b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2