gotocom.xyz/
104.21.49.150301 Moved Permanently 0 B IP 104.21.49.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gotocom.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 16:45:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 17:45:23 GMT
Location: https://gotocom.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fD8mLwFrmwwokAoMISLruanJSNSTzb3uQ6Vpr6cOrIFTwU5eR%2Fd%2BxDi9F82k1IeooL5aoqzGjplZOjPKEviF9KeFxciOrXKeGZ1CYKSVKdJVgU9%2FBtyUhSeuoOHqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bad7f3ef9b50b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5761
Expires: Mon, 30 Jan 2023 18:21:24 GMT
Date: Mon, 30 Jan 2023 16:45:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Mon, 30 Jan 2023 18:11:33 GMT
Date: Mon, 30 Jan 2023 16:45:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:43:12 GMT
content-type: application/json
age: 131
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7580
Expires: Mon, 30 Jan 2023 18:51:43 GMT
Date: Mon, 30 Jan 2023 16:45:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GELRlQTYdn51eadTrFnaUMJPEktlPri4FnoIoxT0m+lG4fjw2dN0y6iS+KdKaHPRLz9jx97DH8g=
x-amz-request-id: GXKCAHVFN40HS0A9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:21:52 GMT
age: 1411
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 16:45:23 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/0g2jCgNkFwM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/0g2jCgNkFwM
IP 142.250.74.131:0
Hash 68e334419055f7c6e56aa7637a964d49
178957ed908b066f7eb7b54b80b8bbdd41e20e14
45648d9864165e0535b62676335b6bdd667ebad76208caf4c0b215d64ce28b0e
POST /s/gts1p5/0g2jCgNkFwM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:41:41 GMT
age: 223
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/0g2jCgNkFwM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/0g2jCgNkFwM
IP 142.250.74.131:0
Hash 68e334419055f7c6e56aa7637a964d49
178957ed908b066f7eb7b54b80b8bbdd41e20e14
45648d9864165e0535b62676335b6bdd667ebad76208caf4c0b215d64ce28b0e
POST /s/gts1p5/0g2jCgNkFwM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 552154d2cd325baacca5af9bc6b31cc0
296b64c7fb4a8051ec695855fa88688a9933de3f
fe91ed20b0693f5760296ba47e0e74b5d825dc06d4a889dfd9276744e99baa36
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FE91ED20B0693F5760296BA47E0E74B5D825DC06D4A889DFD9276744E99BAA36"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Mon, 30 Jan 2023 20:11:28 GMT
Date: Mon, 30 Jan 2023 16:45:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3568
Expires: Mon, 30 Jan 2023 17:44:52 GMT
Date: Mon, 30 Jan 2023 16:45:24 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.148.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.148.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mrbNSaUxhOkiO+BjsYQpww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Duzc5be38xn+VgsNeHETEQCt5Jk=
domains.squadhelp.com/html/html/static_images/home-icon2.png
104.22.50.96200 OK 2.2 kB URL HTTP/2 domains.squadhelp.com/html/html/static_images/home-icon2.png
IP 104.22.50.96:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b31c6de35a7a24bd049cee7a1558c157
f53487cd7110bd9addbc08bd91707e34c98ee4e1
8d09c2a5731ced1cf0fd4e7f49645ba163bc2e32d35dd88b07a8fbee29639574
GET /html/html/static_images/home-icon2.png HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/webp
content-length: 2166
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3373
content-disposition: inline; filename="home-icon2.webp"
etag: "63b2d801-d2d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 02 Jan 2023 13:11:29 GMT
vary: Accept
cf-cache-status: HIT
age: 352190
accept-ranges: bytes
server: cloudflare
cf-ray: 791bad8d4f94b51d-OSL
X-Firefox-Spdy: h2
domains.squadhelp.com/html/html/static_images/home-icon1.png
104.22.50.96200 OK 3.6 kB URL HTTP/2 domains.squadhelp.com/html/html/static_images/home-icon1.png
IP 104.22.50.96:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 255e49a515ce5a8fe5cef7a24045ca30
65072fc8cafd2abbd553c3ad5df5ca93b195d41c
c103affc8be9313fd99aff050e5db5c6d1bc94856e6b52b770ab5d4f5462d7cb
GET /html/html/static_images/home-icon1.png HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/webp
content-length: 3552
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5219
content-disposition: inline; filename="home-icon1.webp"
etag: "63b2d7ed-1463"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 02 Jan 2023 13:11:09 GMT
vary: Accept
cf-cache-status: HIT
age: 352190
accept-ranges: bytes
server: cloudflare
cf-ray: 791bad8d4f8db51d-OSL
X-Firefox-Spdy: h2
domains.squadhelp.com/html/html/static_images/home-icon3.png
104.22.50.96200 OK 2.7 kB URL HTTP/2 domains.squadhelp.com/html/html/static_images/home-icon3.png
IP 104.22.50.96:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2669c0dc36a56e7ae681b3c063fe0dcc
efce14449860b648ef0788a6ebdca0151318968c
5315f1506f9c7ff4bcba0a685a489554ef67d8c6c189f24df2193778f34d3caa
GET /html/html/static_images/home-icon3.png HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/webp
content-length: 2736
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=4142
content-disposition: inline; filename="home-icon3.webp"
etag: "63b2d7ee-102e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 02 Jan 2023 13:11:10 GMT
vary: Accept
cf-cache-status: HIT
age: 352190
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=1h8hfHnYXwcpzDhuIBRbrtnlQXYclz3LzCJVXnqQKwQ-1675097125-0-Ae40y97AfabnTxFxGEu2VnYxywOA33MZEcBFuYI_VuXuC_C7s_9w3xlKbCzu9E-zIRrTnoxeOLD2SfboomS3oRqkJxLOax-PNgvXJDunm_go"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=1h8hfHnYXwcpzDhuIBRbrtnlQXYclz3LzCJVXnqQKwQ-1675097125-0-Ae40y97AfabnTxFxGEu2VnYxywOA33MZEcBFuYI_VuXuC_C7s_9w3xlKbCzu9E-zIRrTnoxeOLD2SfboomS3oRqkJxLOax-PNgvXJDunm_go; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 791bad8d4f95b51d-OSL
X-Firefox-Spdy: h2
domains.squadhelp.com/resources/views/frontend/sellers/theme5/imgs/video.png
104.22.50.96200 OK 103 kB URL HTTP/2 domains.squadhelp.com/resources/views/frontend/sellers/theme5/imgs/video.png
IP 104.22.50.96:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 103 kB (102874 bytes)
Hash 5d2393021d371aed3cca4c0db1414cf0
6a3b169c6f5395bfc8f969c634e11daffc558d6c
82b305c25c6a7093ff4f0032658ac2a778de3465a4556656b861377395e043ab
GET /resources/views/frontend/sellers/theme5/imgs/video.png HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/webp
content-length: 102874
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=166612
content-disposition: inline; filename="video.webp"
etag: "630e09f2-28ad4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 30 Aug 2022 13:00:34 GMT
vary: Accept
cf-cache-status: HIT
age: 352190
accept-ranges: bytes
server: cloudflare
cf-ray: 791bad8d4f98b51d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 698f00d6646a025148eea00586ed98a5
282030ec7c66514647d917586a1c6462046707dc
abbbb6fedf883f3bc33af23e0cadf0dafa155c4e1fe25d8766b965fb5b91b87b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4708
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:26 GMT
Last-Modified: Mon, 30 Jan 2023 15:26:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8752
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 16:45:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8752
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 16:45:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8752
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 16:45:26 GMT
Connection: keep-alive
www.squadhelp.com/var/1ae682199df69100177377a183804675.css
104.22.50.96200 OK 59 kB URL HTTP/2 www.squadhelp.com/var/1ae682199df69100177377a183804675.css
IP 104.22.50.96:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b9a0a264fefe017f6912d314d454efd7
071f112ea12a32b1410fac3f6b4cf0bacfcaea7a
c2e81a9c22ddf1b29cb4d59ac70a1796b5f1ed42cb0b3ebb511d74d515d9caea
GET /var/1ae682199df69100177377a183804675.css HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 15:56:55 GMT
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 89276
server: cloudflare
cf-ray: 791bad8d8fe4b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
domains.squadhelp.com/html/html/static_images/logo.svg
104.22.50.96200 OK 13 kB URL HTTP/2 domains.squadhelp.com/html/html/static_images/logo.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (773)
Hash d5ddd1bcff7673b7fc74abeb835f2010
ccddd1132d2128732b1bd15f143c125f6093d968
c91f769383e22f9ebc322f1a086a4b40d6d399392db522f81df32985f41a66e5
GET /html/html/static_images/logo.svg HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:16 GMT
etag: W/"6345b41c-1321"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 352191
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8d4f80b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
domains.squadhelp.com/html/html/static_images/approved.svg
104.22.50.96200 OK 38 kB URL HTTP/2 domains.squadhelp.com/html/html/static_images/approved.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (40082)
Hash 8a0a45f3a29b06270c33447cde813222
05c17899812e2165d9c9542d89e7a35dd1cc0231
70a6647f5b1219dae1c7343b340f708446e6f6be29ac302b7a2654ddd03ddf68
GET /html/html/static_images/approved.svg HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:02 GMT
etag: W/"6345b40e-9e1e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 352190
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8d4f85b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 67559
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 83370
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 67854
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-arrow-down-blue.svg
104.22.50.96200 OK 14 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-arrow-down-blue.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (679)
Hash a8711527d60d8176ba93f7f3a0990ac3
3a30c61b70eb7b2befa6ade0d426bad44c8c2e6a
da24ec38432114cff378aa52f47a600a79431c59c585ee9344d0f1bc48ce8634
GET /html/html/static_images/icon-arrow-down-blue.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:43 GMT
etag: W/"6345b437-326"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 5682192
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ee9ceb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-arrow-left.svg
104.22.50.96200 OK 20 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-arrow-left.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bbe6fdb44265db85c764b760e0b0d69a
8a8743fddec31796d616af0e8e5fc7a87b6662fc
aab83479c589e14f36df2dce10dd345012f14a1ad21ea131d2bb0e7b129310dc
GET /html/html/static_images/icon-arrow-left.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:20:58 GMT
etag: W/"6345b40a-de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4183888
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ee9d3b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-caret-right.svg
104.22.50.96200 OK 754 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-caret-right.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (384)
Hash b8754d0e04543fe5161415bf02b37ed3
2dc6acdbc261ab80ce40dd475c9b18e643ffeaca
299fea7aaa60e614d945b448c7cb241030cd1e88bd9a2669907972416cb8c0f9
GET /html/html/static_images/icon-caret-right.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:31 GMT
etag: W/"6345b42b-1e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 327442
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ee9d6b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-hamburger.svg
104.22.50.96200 OK 1.9 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-hamburger.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 403187a7def6456c1f2c07f0b11a317e
ed583c16f3e0d8c028569df3f95df7f9ec0ed302
0cb94b99aa8f8cd859a9d11958677296671274961c1ed818287435f465629138
GET /html/html/static_images/icon-hamburger.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:22 GMT
etag: W/"6345b422-c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4150765
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ed9c6b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f5d727bb82db74a67202454a4143ce3
43b24c9e58c42062b92060521317450efca480ad
02aa2ec2acec9ba32a60f6c803a44a04244ac9dc2db66f04208fb128172cfb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02AA2EC2ACEC9BA32A60F6C803A44A04244AC9DC2DB66F04208FB128172CFB59"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18198
Expires: Mon, 30 Jan 2023 21:48:44 GMT
Date: Mon, 30 Jan 2023 16:45:26 GMT
Connection: keep-alive
www.squadhelp.com/domain_audios/gotocom.xyz-291.mp3
104.22.50.96206 Partial Content 55 kB URL HTTP/2 www.squadhelp.com/domain_audios/gotocom.xyz-291.mp3
IP 104.22.50.96:0
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 24 kHz, Monaural\012- data
Hash 0a4a878244eabc39489963cda6b1660f
2f84850f3737c326611f661670dc76ec9c202eae
cfffea9b8e64789a8d4cdd718d0318816d118ce6dac1175bda9d99d77fd85e70
GET /domain_audios/gotocom.xyz-291.mp3 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: audio/mpeg
content-length: 55053
last-modified: Fri, 14 Oct 2022 17:42:18 GMT
etag: "63499f7a-d70d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: MISS
content-range: bytes 0-55052/55053
server: cloudflare
cf-ray: 791bad8d8fe6b51d-OSL
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/mp_sale_images/sale-image-80085-gotocom.xyz.jpg?class=showsq
194.242.11.186200 OK 37 kB URL HTTP/2 img.squadhelp.com/story_images/mp_sale_images/sale-image-80085-gotocom.xyz.jpg?class=showsq
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 56a7b35ca16f620ea05eeae1bd2bd28d
5936b166a34f33b761753f8fea4d6d2cce120afc
33b467920911dacd2566e83347a27ad38a482278b2ced3b28112f3f79af86ad6
GET /story_images/mp_sale_images/sale-image-80085-gotocom.xyz.jpg?class=showsq HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/webp
content-length: 36590
server: BunnyCDN-NO1-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 30 Jan 2023 16:45:26 GMT
x-bo-server: ASB-206
x-downloadsize: 68797
x-bo-origindownloadtime: 18
x-bo-processingtime: 12
x-bo-compressionratio: 46.81%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/30/2023 16:45:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e107368fd8251f920fa1b9f0e51e0a99
cdn-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M6CM29
172.217.21.168200 OK 103 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M6CM29
IP 172.217.21.168:0
File type ASCII text, with very long lines (54134)
Size 103 kB (102577 bytes)
Hash f2b30b79b525a7125ec2d323e47e9f68
be75817922303d9c7fc71cb249014df907d8521e
d7de74f21c4ae3b9d66ce5039c6132e6ce6ebeaa83c2856a1caa17ce5f3d10a5
GET /gtm.js?id=GTM-M6CM29 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 16:45:26 GMT
expires: Mon, 30 Jan 2023 16:45:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.intercom.io/widget/ld9mkn53
54.230.111.119200 OK 6.0 kB URL HTTP/2 widget.intercom.io/widget/ld9mkn53
IP 54.230.111.119:0
File type Unicode text, UTF-8 text, with very long lines (18637), with no line terminators
Hash 24aab96aff3343df9e7467a79e7eec9d
47b6f98b6f6b78486a6af662516b87e5b784f305
13dea13d5b7c3e74a5a3965cc47a14c6d7255b5fff485c757153d2f28c7bb574
GET /widget/ld9mkn53 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6045
last-modified: Mon, 30 Jan 2023 15:40:32 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: DIbeuJuxxULyYbi.xge5eXKeR7Dxq8PO
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 16:25:43 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "24aab96aff3343df9e7467a79e7eec9d"
x-cache: Error from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AC9T-XuOXYircloKDZ31MKQMermyLXmHnQybR4zXDwwoc4n2-fMZVg==
age: 1185
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.fbb34ef6.js
54.230.111.62200 OK 140 kB URL HTTP/2 js.intercomcdn.com/frame.fbb34ef6.js
IP 54.230.111.62:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 140 kB (139558 bytes)
Hash ea3c12adaa12bd8fb5867282760e2cdd
495b1d4287d7e711466a39798619d6fcc5b031a5
9a562ebf81c89d45037ce28c17a355c9ba927da022773034610df99b0b9ea075
GET /frame.fbb34ef6.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 139558
date: Mon, 30 Jan 2023 15:40:44 GMT
last-modified: Mon, 30 Jan 2023 15:38:45 GMT
etag: "ea3c12adaa12bd8fb5867282760e2cdd"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: 7K6VqwgzK_n3ve6z1HwUeE_tIW2SDzf9
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vOwvCclwLske--M2yO5ss328LDW-k6YvUa4KsCM5YBiAMyT9h-9ebA==
age: 3884
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-user.svg
104.22.50.96200 OK 1.9 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-user.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1790)
Hash 7d9713e12ceba56e652ac81c11743cd6
be542fe1b13b83ebcd60ef4db12dbb93790a3d27
98e754240c5172c59b28fe401fff872944b3fa4a44dc4b67d276c882d0498f20
GET /html/html/static_images/icon-user.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:07 GMT
etag: W/"6345b413-766"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4150765
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ec9b7b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.093ba5d6.js
54.230.111.62200 OK 108 kB URL HTTP/2 js.intercomcdn.com/vendor.093ba5d6.js
IP 54.230.111.62:0
File type Unicode text, UTF-8 text, with very long lines (65431)
Size 108 kB (108273 bytes)
Hash b07617332a2da4edc9e0f73e8c835864
e216fd88984adb61c529de4ca3ae057184307bb2
0119b8c48940d6be3916419cd80b7446fa81ee2c764dd80533d431213a822849
GET /vendor.093ba5d6.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108273
date: Mon, 30 Jan 2023 15:40:44 GMT
last-modified: Mon, 30 Jan 2023 15:38:46 GMT
etag: "b07617332a2da4edc9e0f73e8c835864"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: 68hR4SddAYJ4YSqUMfba8rnYV7YKVEHn
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: va6rF8iWtbTj0K5s5LwKnUpjiYt7rHiVNGuUUIR3MF6cvdoIZzZ39Q==
age: 3884
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f1e8b19276ebbdda260d9d0a27472af4
d9970e5905c641496c4a3a189195ae17e60cc381
d36b5336b8aed1a7f338517c2186c5e983c37e58cb30e335f924bc07c7cc29df
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 16:45:27 GMT
Last-Modified: Mon, 30 Jan 2023 16:07:20 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -poIpvpjItfuWQNzwTgCM0YgpC1E-NkchI9YNLIggdMiY2K_7JTbew==
Age: 2287
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 98a7f980a8d95df1ae26524eceab3fe9
95b25d26a9e8ad740c49495ea16cfb8cba2192f3
7d2a740bdfba0834d0144eea48e2b66bf1fc552e21a7ee84caff33bd4ea3c728
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2360
Cache-Control: max-age=91477
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:27 GMT
Etag: "63d6ad44-118"
Expires: Tue, 31 Jan 2023 18:10:04 GMT
Last-Modified: Sun, 29 Jan 2023 17:30:44 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 61fca20c48f76c99be770c330932e1ff
e6a52723f21b357bc4ea0f1e5e4f0dcfe9e28e19
96fdb3fd6eea1a0013763a862160098b54b9efdc06004f7ad0967c146e368ef5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 16:45:27 GMT
Last-Modified: Mon, 30 Jan 2023 14:56:42 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2GwajhhDTidiGycGDqMmXtoVbuEwBlAG5mRNz090FjFkvI353alGQQ==
Age: 6525
www.redditstatic.com/ads/pixel.js
151.101.193.140200 OK 7.4 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.193.140:0
File type ASCII text, with very long lines (23347)
Hash 03d5db9dfd00a5719bb4c9261e6fa1bb
be9899225f59b4d3ef6fefcf0e66b72568353a94
e90f19642062e4311b58ede732592e8f29b7799661086a0bbfc68e259fd81398
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 33816f2279d247fbe8011172531c1771
e35e54e66be349ae3efb7e529ba07eec0d282fc0
b251b8f2d29aff0a606e6ce7ba5f82bbc8d8b54c36c4b305b99cf0d81acc1ff3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:27 GMT
Last-Modified: Mon, 30 Jan 2023 15:12:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1d4/jXzHJ1Qi5ro
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jXzHJ1Qi5ro
IP 142.250.74.131:0
Hash 41bca08daff2459dad30c33c3974aed9
c27b11911a7a94b2ff9524041cb0b80bffc3bf72
cf0ed3aad5704f720a187d27276d08aa0b429a4ed524cacb84123321d88b88d1
POST /s/gts1d4/jXzHJ1Qi5ro HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
monitor.fraudblocker.com/fbt.js?sid=N_PvROEYPR5Jhemba05dv
34.96.65.117200 OK 20 kB URL HTTP/2 monitor.fraudblocker.com/fbt.js?sid=N_PvROEYPR5Jhemba05dv
IP 34.96.65.117:0
File type Unicode text, UTF-8 text, with very long lines (48108)
Hash ab5f5eda41a0667e8d1c5f5bdb4005eb
8cb4456b3e44f387eccddb822d5834d950c5c840
eb6853e0a1df7ef6034adb7a5ba6280cf39b460002f540dd5b7a0650e3216fe9
GET /fbt.js?sid=N_PvROEYPR5Jhemba05dv HTTP/1.1
Host: monitor.fraudblocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvr6blZkdvzzYSLt0JYulPuRnACk7wuKJfZvlSshHMF_95Z_nm-NxQR852xoVQb1glIvfjY8QHehSjH4lkKiH9OFA
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670458673043402
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 19805
content-encoding: gzip
x-goog-hash: crc32c=gTsrXg==, md5=q19e2kGgZn6NHF9b20AF6w==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 19805
server: UploadServer
date: Mon, 30 Jan 2023 16:17:57 GMT
expires: Mon, 30 Jan 2023 17:17:57 GMT
cache-control: public, max-age=3600
last-modified: Thu, 08 Dec 2022 00:17:53 GMT
etag: "ab5f5eda41a0667e8d1c5f5bdb4005eb"
content-type: application/x-javascript
age: 1650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/mr4XpjX7o8Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mr4XpjX7o8Q
IP 142.250.74.131:0
Hash 2bbce97e5524c70a50e8da1aa275a54e
ea4852e88118ed8bcb3f00658199828bad836773
f39f5f3da0fdf935051ffa046edf4dd32f102c69fef16abfdc7a31367c9ea186
POST /s/gts1p5/mr4XpjX7o8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e54dcd3d97b20e93bec5820073c4f47
a6d7c8605db8aa7af547756432f23c66b3f3c181
29038c3ab9d4526c362bebf271a1ea15d6ee0288d66d241b1edb1e62ea754429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29038C3AB9D4526C362BEBF271A1EA15D6EE0288D66D241B1EDB1E62EA754429"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1838
Expires: Mon, 30 Jan 2023 17:16:05 GMT
Date: Mon, 30 Jan 2023 16:45:27 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/jXzHJ1Qi5ro
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jXzHJ1Qi5ro
IP 142.250.74.131:0
Hash 41bca08daff2459dad30c33c3974aed9
c27b11911a7a94b2ff9524041cb0b80bffc3bf72
cf0ed3aad5704f720a187d27276d08aa0b429a4ed524cacb84123321d88b88d1
POST /s/gts1d4/jXzHJ1Qi5ro HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/video/720893092?h=eddf4f3cf1&app_id=122963
162.159.138.60200 OK 6.4 kB URL HTTP/1.1 player.vimeo.com/video/720893092?h=eddf4f3cf1&app_id=122963
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22466), with no line terminators
Hash dc7986fa5c743cb7f4fd1b73b998ce33
83eb292336e1ccacf21f8d9be0f1d959d7117415
9792b0d42d6795b6df21ee92e88b567b39de903abeb7a4c3d8a0cf01184f86b0
GET /video/720893092?h=eddf4f3cf1&app_id=122963 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:45:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 30 Jan 2023 16:48:29 GMT
x-host: player-6958bdb77b-hft99
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-2
x-backend-proxy: playproxy3
x-bapp-server: player-6958bdb77b-hft99
Age: 0
X-Served-By: cache-cph2320025-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675097127.279301,VS0,VE139
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=f3SCSomnWhxke3_pHz_p8kpwKRmyWb3cZqfy57MFzm8-1675097127-0-ATSj/MRWvPuK26Xz2yNAFU7CainG9gO6/x1Ftx0A8nvTXuJCtlM2zMs+i0r31ZGv2VcEoSVx2tqct97m5r7AopQ=; path=/; expires=Mon, 30-Jan-23 17:15:27 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 791bad956b28b524-OSL
Content-Encoding: gzip
q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz
3.220.15.152200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz
IP 3.220.15.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Jan 2023 16:45:27 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,24e2ad95bf5dce54dba7019965a9ef4f,10.0.0.238,12952,91.90.42.154,,98430369124,1,1675097127.485,0.001,,.,0,0,0.000,0.000,-,0,0,197,204,102,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 56589fdddf4e9ec4e557a28dca364e20
15dc746f3c548cae0fd75290d9b8f459361ce3db
c4931c29e7ec66ec7be014099fdb8a4add8181482b96263004a4395e7595372d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 15:27:43 GMT
Expires: Mon, 06 Feb 2023 15:27:42 GMT
Etag: "15dc746f3c548cae0fd75290d9b8f459361ce3db"
Cache-Control: max-age=599534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bad9778f40afa-OSL
f.vimeocdn.com/p/4.19.0/css/player.css
151.101.86.109200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.19.0/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 2bf806c5a7b4213686d6a409fffbd51b
99f2f8ac5d8f0d5b1094888b4121741dce105e11
53b99953589f2c761431876b1a60b84e68a1ca730b06100bcdaacf74fc97eb77
GET /p/4.19.0/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
age: 321332
x-served-by: cache-iad-kiad7000160-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 63, 81356
x-timer: S1675097128.646187,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20909
X-Firefox-Spdy: h2
insights.algolia.io/1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1)
34.96.112.9200 OK 29 B URL HTTP/2 insights.algolia.io/1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1)
IP 34.96.112.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ca1d7c9f272503952d3bf37cc4a649bd
7129c38467ef8cd3e902fe034328071f5cd07602
e5ddba99266abd003aa6eef168bc2a2bea5e69b1e0d1fc4373150934ab5dd76a
POST /1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1) HTTP/1.1
Host: insights.algolia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 145
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/json
date: Mon, 30 Jan 2023 16:45:27 GMT
content-length: 29
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.19.0/js/player.module.js
151.101.86.109200 OK 118 kB URL HTTP/2 f.vimeocdn.com/p/4.19.0/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 118 kB (117888 bytes)
Hash 10f6761db0b438bf9072d28194ceadaf
140ef382babbc0a5de7f94ce7c8a165e61eccc80
d54aecd6d1fd5834006f747700893ac418bc3e34640d99ae638874c6a15177b0
GET /p/4.19.0/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
age: 321332
x-served-by: cache-iad-kcgs7200125-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 58594
x-timer: S1675097128.665630,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 117888
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85
151.101.86.109200 OK 1.5 kB URL HTTP/2 i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 5e87158ee30c950b032e6335be012e5b
469828cd2eb6bef44f0a91b4a864318ac99af3c9
2351ff70736da33512a32489ea9bf8c6b68bc6dcc6e9275f105e6db5ac42d90a
GET /video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 5e87158ee30c950b032e6335be012e5b
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-dw29
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
age: 1218381
x-served-by: cache-dfw-kdfw8210022-DFW, cache-bma1631-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 935, 1
x-timer: S1675097128.665199,VS0,VE1
content-length: 1518
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 56589fdddf4e9ec4e557a28dca364e20
15dc746f3c548cae0fd75290d9b8f459361ce3db
c4931c29e7ec66ec7be014099fdb8a4add8181482b96263004a4395e7595372d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 15:27:43 GMT
Expires: Mon, 06 Feb 2023 15:27:42 GMT
Etag: "15dc746f3c548cae0fd75290d9b8f459361ce3db"
Cache-Control: max-age=599534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bad9839e60afa-OSL
f.vimeocdn.com/p/4.19.0/js/vendor.module.js
151.101.86.109200 OK 92 kB URL HTTP/2 f.vimeocdn.com/p/4.19.0/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Hash 3dc412d9b14b29dc16538197569fe3fc
a154f75ce225fa7b99cab122c5ecbd869ba09ed4
d1a20c0e2ed2c8ed8ec3503a6928179f90a54b77a3a66ddaca5bd615ae750f52
GET /p/4.19.0/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
age: 321332
x-served-by: cache-iad-kiad7000091-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 59, 75972
x-timer: S1675097128.829942,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 92412
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 985 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash 0541e0ff8702adadfd34ee8c298afbdf
c10da432fdb8736622c8c1fb7708b2599cae882c
967903be4f14e85fe685577417cf83d53b5363e5f02baa3b2242c19a7030b652
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
age: 1159695
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 4460, 228786
x-timer: S1675097128.951955,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 985
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=500&mh=278
151.101.86.109200 OK 9.1 kB URL HTTP/2 i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=500&mh=278
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash ce8943fcc1990aaa27ba042f7a95198b
3b96cec4008bcac21cb8c2df6fd227fe60118796
8faab915d8e966c2df8846a95f9be8d7c8c9fdf8ca86fa79f298247460361994
GET /video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=500&mh=278 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: ce8943fcc1990aaa27ba042f7a95198b
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-east1-tmz7
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:27 GMT
age: 1041256
x-served-by: cache-dfw-kdfw8210138-DFW, cache-bma1631-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 738, 1
x-timer: S1675097128.965089,VS0,VE1
vary: Accept
content-length: 9082
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (17737), with no line terminators
Hash 69ccf6d91702cd65dedfbad36e94c61b
adce8bd55dcc466c709dc96e230cbdd72fb27645
9a5b793c3b453c30229658bebe68719aa0df37a71ef371a6c6117e123b091e64
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Last-Modified: Sun, 22 Jan 2023 12:08:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 30 Jan 2023 17:05:28 GMT
Date: Mon, 30 Jan 2023 16:45:28 GMT
Content-Length: 5884
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=50608
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2456
Cache-Control: max-age=117888
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 01:30:16 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 15:45:20 GMT
expires: Mon, 30 Jan 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 3608
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oe1p0&_p=2119875989&cid=295040652.1675097140&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675097140&sct=1&seg=0&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&dt=gotocom.xyz%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oe1p0&_p=2119875989&cid=295040652.1675097140&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675097140&sct=1&seg=0&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&dt=gotocom.xyz%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VJ36JWQDE1>m=2oe1p0&_p=2119875989&cid=295040652.1675097140&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675097140&sct=1&seg=0&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&dt=gotocom.xyz%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://domains.squadhelp.com
date: Mon, 30 Jan 2023 16:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/859.95d4308d-1222.js
151.101.130.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/859.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (6657), with no line terminators
Hash 364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b
GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 919
x-timer: S1675097128.203869,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: zi+edOAMhijUsTIh10WYeks/mE/OEoqAnlwVpUKbQ2e/JmKGNFCnN3AXxHlIlk3GNOR5oq8qdjDzFO82DRxIjw==
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 16:45:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 603354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E806E7E8ACD043B78FCED0AE43885936 Ref B: OSL30EDGE0515 Ref C: 2023-01-30T16:45:28Z
date: Mon, 30 Jan 2023 16:45:27 GMT
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-heart.svg
104.22.50.96200 OK 36 kB URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-heart.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (682)
Hash b35f745d5a1f49acb0b918fa44b23ffa
7b351263cf6824bc04a8cee91a8f2cf69320db22
4137ae30e7bb405ee9786a05d25bdb4e5bec7e6b5e9f9685e66855908437b45b
GET /html/html/static_images/icon-heart.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:39 GMT
etag: W/"6345b433-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4150765
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ed9beb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
domains.squadhelp.com/geo-business-names/bubble-theme-dynamic-data
104.22.50.96200 OK 936 B URL HTTP/2 domains.squadhelp.com/geo-business-names/bubble-theme-dynamic-data
IP 104.22.50.96:0
File type JSON data\012- , ASCII text
Hash 5340df8b2b44744437da147c4d2176ad
ba0acdf6d913f37c8775a39de7c9c12e6c79b66d
413e6b794d1ff8f5e9df5346170f6202d92ca2d8ec807579a9ce986015750c6c
GET /geo-business-names/bubble-theme-dynamic-data HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=v1flc8nubcft4m20o15vac5ho6; expires=Tue, 31-Jan-2023 16:45:27 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791bad935809b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/search-insights@1.3.1
104.16.85.20200 OK 3.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/search-insights@1.3.1
IP 104.16.85.20:0
File type ASCII text, with very long lines (10262)
Hash 53bc8399e861eb3ed56f15a6cf226909
3a277e2010d3c2e72d8fb839278010c8c1710aab
d8fa6b82fba8ab833f805767ed4f58bef49fd5ca227b97d2a2a20dad618993c2
GET /npm/search-insights@1.3.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.3.1
x-jsd-version-type: version
etag: W/"2817-FGLI0cv/s1qAA3nM5zLdFEpck2Q"
x-served-by: cache-fra19139-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 27242185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz4uwaYMHOC5rt3FOLHHeMKp679Nrx%2Fi3V2VTT5dyk8tt3CWexx2lcWYapwReVL1XjjTj5w%2BbKPQT01fqUsKj37wnemwl7pXlrBBkkZxpkzNWHsz1K5O2R0zNlC6Aqc3CxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bad94c984b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2456
Cache-Control: max-age=117888
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 01:30:16 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
domains.squadhelp.com/geo-business-names/dynamic-data-lp?domain_id=2059706&bdlCode=&affId=
104.22.50.96200 OK 982 B URL HTTP/2 domains.squadhelp.com/geo-business-names/dynamic-data-lp?domain_id=2059706&bdlCode=&affId=
IP 104.22.50.96:0
File type JSON data\012- , ASCII text
Hash c796c4758fea21ad5c785c7c3e67fde5
38aac2350bb33e6eca465c140bdab06dfcfd2950
9f524bd36511c520212010cfcd303214a38fa7531be715a84d1d5f722e66f651
GET /geo-business-names/dynamic-data-lp?domain_id=2059706&bdlCode=&affId= HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=d8r5hcp22nibdnismf95ls7sb5; expires=Tue, 31-Jan-2023 16:45:27 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791bad935812b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
104.22.1.204200 OK 170 kB URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 104.22.1.204:0
File type Unicode text, UTF-8 text, with very long lines (61915), with no line terminators
Size 170 kB (170480 bytes)
Hash 9a9c0df1f5f2d761be973257e46cad22
9b250e7f2a203d9bb382fce29980e35dfe7b53af
1ce7eb9673b544740ca9ab51de3bc8c0bb02deeff8916068fc13e626d691f569
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:27 GMT
content-type: application/x-javascript
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 16:45:27 GMT
last-modified: Thu, 26 Jan 2023 13:36:03 GMT
etag: W/"6bcef-63d281c3-678819b673a2fdb4;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad95ebfcb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.acsbapp.com/cache/app/domains.squadhelp.com/config.json
104.22.0.204200 OK 0 B URL HTTP/2 cdn.acsbapp.com/cache/app/domains.squadhelp.com/config.json
IP 104.22.0.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cache/app/domains.squadhelp.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Origin: https://domains.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 0
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791bad9bbd4eb500-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6b9a9edf129c5232d5a01aa06abe3613
a9b53cfa2e6459e0484b50802ded25a39aeb3a7e
c724d99ff111612159e0ed5cc35f75d0aa3bcbc656b554583cb09fe5aad68716
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 16:45:28 GMT
Last-Modified: Mon, 30 Jan 2023 16:27:27 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6eHw6-jnA5HP1kSq0j3HuGOvLpeXDUysrIBH4BhEXVhGlADWRCb3tg==
Age: 1081
alb.reddit.com/rp.gif?ts=1675097140258&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3b57159-4449-449d-9fa9-f58a0c1dd2fb&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.193.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675097140258&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3b57159-4449-449d-9fa9-f58a0c1dd2fb&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.193.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1675097140258&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3b57159-4449-449d-9fa9-f58a0c1dd2fb&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 6061660d0c8c8a3292454cb1c819259e
54ac533237acc8ff7624f460b91d50657322bdcf
2d7e1e8fe3615783905c47576f05b5cd9189a3cc4e15996dbe66e4388dac190c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2524
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Last-Modified: Mon, 30 Jan 2023 16:03:24 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
www.squadhelp.com/html/html/static_images/icon-arrow-long-right.svg
104.22.50.96200 OK 492 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-arrow-long-right.svg
IP 104.22.50.96:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash ecd0e31c2fc9c8e5fda79a4f08c2aca3
a156625ef04a780d4018e4fa6617bd1c434e8d80
0fe8cb160086a9890df12c78e4ac368d330c0efda6e7e277fb3e6f51f8a73173
GET /html/html/static_images/icon-arrow-long-right.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:41 GMT
etag: W/"6345b435-e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 986921
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ee9ccb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=78424257-78b7-4c78-96f0-59d01863c3dc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ffeb108-647d-4172-9681-f3c9e7066b38&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=78424257-78b7-4c78-96f0-59d01863c3dc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ffeb108-647d-4172-9681-f3c9e7066b38&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=78424257-78b7-4c78-96f0-59d01863c3dc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ffeb108-647d-4172-9681-f3c9e7066b38&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:28 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=1670340b-bbb4-4f6b-a9f5-ac1d7884961d; Max-Age=63072000; Expires=Wed, 29 Jan 2025 16:45:28 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 7c8f639d5557cd00
strict-transport-security: max-age=0
x-response-time: 111
x-connection-hash: d8fb9bf3e307ae240a2441efdb93b2b98f0af8990f27df1edcb5e43731479ce0
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.131:0
Hash 639738c2ed821f23ad99a17dccb59bf7
3efa0c17cecd161f083f53f2cc76ae771d3c54a8
1ba8d9c57b984b367fe225cae96d2a6bdbbb54945d07928897d5b174fcbc8431
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.131:0
Hash 639738c2ed821f23ad99a17dccb59bf7
3efa0c17cecd161f083f53f2cc76ae771d3c54a8
1ba8d9c57b984b367fe225cae96d2a6bdbbb54945d07928897d5b174fcbc8431
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus-websocket-a.intercom.io/pubsub/5-rpHB9NsQ_H0tRIwBnLuYPLnjacV95RvUmpyarr3j3QWpRhPcfcQR3wb1hoMap4Ky6x8H9RoSQph7bGV97U7-qIA7jxpTragj6wWy?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
34.237.73.95101 Switching Protocols 0 B URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-rpHB9NsQ_H0tRIwBnLuYPLnjacV95RvUmpyarr3j3QWpRhPcfcQR3wb1hoMap4Ky6x8H9RoSQph7bGV97U7-qIA7jxpTragj6wWy?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 34.237.73.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-rpHB9NsQ_H0tRIwBnLuYPLnjacV95RvUmpyarr3j3QWpRhPcfcQR3wb1hoMap4Ky6x8H9RoSQph7bGV97U7-qIA7jxpTragj6wWy?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://domains.squadhelp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PFJPW8agyFVFcXfohFGouA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 30 Jan 2023 16:45:28 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wDhB0R7vxVyf5eg3AclHTnDyVfs=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
js-agent.newrelic.com/569.95d4308d-1222.js
151.101.130.137200 OK 3.2 kB URL HTTP/2 js-agent.newrelic.com/569.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (7513), with no line terminators
Hash 8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d
GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 923
x-timer: S1675097129.760311,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2
js-agent.newrelic.com/457.95d4308d-1222.js
151.101.130.137200 OK 2.0 kB URL HTTP/2 js-agent.newrelic.com/457.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (4809), with no line terminators
Hash 09c0cca8d2a9fd69f1892a1c2d1319b9
b46f4fe3b0adc98785d22a092818b74145a91cc0
593022809e272793157f8280bae176bfa74a02f9f9a6d3269384e2dd434be046
GET /457.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 6YLQBRWWkaavoi6QR5dS+9cRhXVrpaQK5v3G9/iqQ5oKPUxxFI0Uv2tN9ar51sQUG2xwVmTWBnY=
x-amz-request-id: WFN1Z9NXJZGF8XE5
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "c16abc7fa2e34cbb7baf3e290120ad5a"
x-amz-version-id: qROfxBD9CF8WXmbywdhvCmImuu9HvRNA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 924
x-timer: S1675097129.760652,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1953
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js-agent.newrelic.com/620.95d4308d-1222.js
151.101.130.137200 OK 1.3 kB URL HTTP/2 js-agent.newrelic.com/620.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (2989), with no line terminators
Hash 7094c3f93699a846fe91edd766391f01
25e8c79409acc2bb73a728c0768e1eda66019255
85eb01219e8aaa7c7968aa175c2421454f99615ae66350b15c60465f4616826f
GET /620.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: QggJtv+14rx8wEd4C6ZTDmmxUSe6+8jiYhTGnWcIRu6DC5pRiaL5fPRx8/lgChduQ7GqRSlO6xY=
x-amz-request-id: WFN5FXFSJTZYM7K6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "ca9b029ff66dd9146273984d16e20abc"
x-amz-version-id: HYguQMwVKEHCmodKuQRUzW1qxlElK9Xr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 925
x-timer: S1675097129.760472,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1342
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/wildcards.json
104.22.0.204200 OK 225 B URL HTTP/2 cdn.acsbapp.com/cache/app/wildcards.json
IP 104.22.0.204:0
File type JSON data\012- , ASCII text, with very long lines (806), with no line terminators
Hash 78e3f8c29d094e89383c9e7d35c42f90
08e161cab4f1c50ee71bb5f22df979f9a8c3b1d6
57c36230e3fceb72b2a2d2eac4d275616185a0047fa30777f971a3de58b636ee
GET /cache/app/wildcards.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Origin: https://domains.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:28 GMT
content-type: application/json
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 16:45:28 GMT
last-modified: Thu, 22 Dec 2022 09:01:18 GMT
etag: W/"326-63a41cde-8322dbd7b40153bd;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791bad9cceaeb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
js-agent.newrelic.com/41.95d4308d-1222.js
151.101.130.137200 OK 439 B URL HTTP/2 js-agent.newrelic.com/41.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (828), with no line terminators
Hash 46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544
GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 930
x-timer: S1675097129.766978,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=0e7ffe6c-187e-4b72-8978-3293d7b76b8a&sid=883291a0a0bd11edaad5dffbc2b6077f&vid=8832d140a0bd11ed81dec527b108cc59&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=gotocom.xyz%20is%20for%20sale&p=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&r=<=3195&evt=pageLoad&sv=1&rn=303548
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=0e7ffe6c-187e-4b72-8978-3293d7b76b8a&sid=883291a0a0bd11edaad5dffbc2b6077f&vid=8832d140a0bd11ed81dec527b108cc59&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=gotocom.xyz%20is%20for%20sale&p=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&r=<=3195&evt=pageLoad&sv=1&rn=303548
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=0e7ffe6c-187e-4b72-8978-3293d7b76b8a&sid=883291a0a0bd11edaad5dffbc2b6077f&vid=8832d140a0bd11ed81dec527b108cc59&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=gotocom.xyz%20is%20for%20sale&p=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&r=<=3195&evt=pageLoad&sv=1&rn=303548 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2951D1F8666067F9240BC3516795667B; domain=.bing.com; expires=Sat, 24-Feb-2024 16:45:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1335AF937014299BA3B7145FCEC9E29 Ref B: OSL30EDGE0515 Ref C: 2023-01-30T16:45:28Z
date: Mon, 30 Jan 2023 16:45:28 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=0e7ffe6c-187e-4b72-8978-3293d7b76b8a&sid=883291a0a0bd11edaad5dffbc2b6077f&vid=8832d140a0bd11ed81dec527b108cc59&vids=0&msclkid=N&pagetype=product&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=495916
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=0e7ffe6c-187e-4b72-8978-3293d7b76b8a&sid=883291a0a0bd11edaad5dffbc2b6077f&vid=8832d140a0bd11ed81dec527b108cc59&vids=0&msclkid=N&pagetype=product&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=495916
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=0e7ffe6c-187e-4b72-8978-3293d7b76b8a&sid=883291a0a0bd11edaad5dffbc2b6077f&vid=8832d140a0bd11ed81dec527b108cc59&vids=0&msclkid=N&pagetype=product&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=495916 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=33076B8DCB7B6546219C7924CA8E64C4; domain=.bing.com; expires=Sat, 24-Feb-2024 16:45:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00E7FD76BCA8471C859042CEE5AEE805 Ref B: OSL30EDGE0515 Ref C: 2023-01-30T16:45:28Z
date: Mon, 30 Jan 2023 16:45:28 GMT
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
35.169.43.22200 OK 112 kB URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 35.169.43.22:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (60518)
Size 112 kB (111694 bytes)
Hash 9a3b34ac6d43526b7f1d60edb41b7aea
23bda22f657dcbd545e47703ed4773727ee29f21
f80952061ce394aefe8e268b00e4ae1076dcf8d7b1a7a9e0ea1a98bdb688d616
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 387
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:28 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1675097130
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13315
access-control-allow-origin: https://domains.squadhelp.com
vary: Accept,Accept-Encoding
x-intercom-version: ae21d1d7c5084f5a84a8d9ee561fbacf506c4698
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 0007fb5tag9527tik3i0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"aafad7973874237576cbd9fbed975c99"
x-runtime: 0.313187
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-097189092b4216679
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/15226519.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15226519.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15226519.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94E0551C1E394B999494FA4441217A4B Ref B: OSL30EDGE0515 Ref C: 2023-01-30T16:45:28Z
date: Mon, 30 Jan 2023 16:45:28 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6d2677a268c46fe7437bc9ba7f1933f0
c4c8338d86338480d15172e8691dc9b25c9c25bf
0709a1fe6bd9156d9e98f2c986bcb486031947ce2412744efd1e0ff52f7929d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3633
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Last-Modified: Mon, 30 Jan 2023 15:44:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.131:0
Hash 639738c2ed821f23ad99a17dccb59bf7
3efa0c17cecd161f083f53f2cc76ae771d3c54a8
1ba8d9c57b984b367fe225cae96d2a6bdbbb54945d07928897d5b174fcbc8431
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/1030947153/?random=1675097139939&cv=11&fst=1675097139939&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&value=0&bttype=purchase&auid=751305816.1675097140&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1030947153/?random=1675097139939&cv=11&fst=1675097139939&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&value=0&bttype=purchase&auid=751305816.1675097140&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1030947153/?random=1675097139939&cv=11&fst=1675097139939&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&value=0&bttype=purchase&auid=751305816.1675097140&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1675097139997&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=dynx_itemid%3D2059706%3Bdynx_pagetype%3Dofferdetail%3Bdynx_totalvalue%3D511&fmt=3&is_vtc=1&random=2679419042&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1675097139997&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=dynx_itemid%3D2059706%3Bdynx_pagetype%3Dofferdetail%3Bdynx_totalvalue%3D511&fmt=3&is_vtc=1&random=2679419042&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1675097139997&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=dynx_itemid%3D2059706%3Bdynx_pagetype%3Dofferdetail%3Bdynx_totalvalue%3D511&fmt=3&is_vtc=1&random=2679419042&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1675097139920&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2069997830&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1675097139920&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2069997830&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1675097139920&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2069997830&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf109322ef7fde96caf40f6195ee071b
d7f5dd63a402c4fe3c483274a893f44b6b76befb
56fa47af9f2b40d219c9944ecf12984cefbc26bbd8f77d95f8fd4580bf8e606f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2097
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Last-Modified: Mon, 30 Jan 2023 16:10:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-user-list/1030947153/?random=1675097140118&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=408513100&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1675097140118&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=408513100&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1675097140118&cv=11&fst=1675094400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tiba=gotocom.xyz%20is%20for%20sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=408513100&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&RedC=c.clarity.ms&MXFR=31E49D6D5A25614C36FA8FC45E256F71
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=31E49D6D5A25614C36FA8FC45E256F71; domain=.clarity.ms; expires=Sat, 24-Feb-2024 16:45:28 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1675097141037%26url%3Dhttps%253A%252F%252Fdomains.squadhelp.com%252Flpd%252Fname%252Fgotocom.xyz%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLgcvGes5QrRAAAAYYDkb_PAaI_2c16q-EKgy0QU6imoRLHhFCRwq4wawkNQ1cxH7yWj6bfw0U76g; Max-Age=2592000; Expires=Wed, 01 Mar 2023 16:45:28 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIzLAx1R4alBwAAAYYDkb_PK4YTvN25JvqBC5Q9NPG-cB7TusPESdjJto_ADGIzn3ynba_QQsi0gV2wOSfJnw; Max-Age=2592000; Expires=Wed, 01 Mar 2023 16:45:28 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&7558ad4c-54f0-4dfe-8ed3-9502d58f2aff"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 16:45:28 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2423:u=1:x=1:i=1675097128:t=1675183528:v=2:sig=AQEchRD2A6CwNfY3SG6zVVVrg-ox4Wcw"; Expires=Tue, 31 Jan 2023 16:45:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzffFVK+5eAen7ADplyg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FD30D7087E85479FAD954875B9189751 Ref B: OSL30EDGE0114 Ref C: 2023-01-30T16:45:28Z
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 0
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=78424257-78b7-4c78-96f0-59d01863c3dc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ffeb108-647d-4172-9681-f3c9e7066b38&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
104.244.42.67200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=78424257-78b7-4c78-96f0-59d01863c3dc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ffeb108-647d-4172-9681-f3c9e7066b38&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=78424257-78b7-4c78-96f0-59d01863c3dc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ffeb108-647d-4172-9681-f3c9e7066b38&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:28 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_CM0PyX+unpAFmdgtIeG3MA=="; Max-Age=63072000; Expires=Wed, 29 Jan 2025 16:45:28 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 0090af67e7bba473
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 20b3d128c21435dc142ce9413ce2080204fe0e0cb8a66cf06593d579cedccc33
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-1&cid=295040652.1675097140&jid=1636318151&gjid=1766968122&_gid=28321210.1675097141&_u=aCDAgEADQAAAAGAAI~&z=338121109
209.85.233.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-1&cid=295040652.1675097140&jid=1636318151&gjid=1766968122&_gid=28321210.1675097141&_u=aCDAgEADQAAAAGAAI~&z=338121109
IP 209.85.233.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-1&cid=295040652.1675097140&jid=1636318151&gjid=1766968122&_gid=28321210.1675097141&_u=aCDAgEADQAAAAGAAI~&z=338121109 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://domains.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:45:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-4&cid=295040652.1675097140&jid=909385330&gjid=93278499&_gid=28321210.1675097141&_u=KCDAAEACQAAAACAAI~&z=563136345
209.85.233.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-4&cid=295040652.1675097140&jid=909385330&gjid=93278499&_gid=28321210.1675097141&_u=KCDAAEACQAAAACAAI~&z=563136345
IP 209.85.233.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-4&cid=295040652.1675097140&jid=909385330&gjid=93278499&_gid=28321210.1675097141&_u=KCDAAEACQAAAACAAI~&z=563136345 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://domains.squadhelp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:45:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&RedC=c.clarity.ms&MXFR=31E49D6D5A25614C36FA8FC45E256F71
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&RedC=c.clarity.ms&MXFR=31E49D6D5A25614C36FA8FC45E256F71
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&RedC=c.clarity.ms&MXFR=31E49D6D5A25614C36FA8FC45E256F71 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&MUID=1CE7977783CA6F4B1BAE85DE823F6E51
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1CE7977783CA6F4B1BAE85DE823F6E51; domain=c.bing.com; expires=Sat, 24-Feb-2024 16:45:29 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03C521868EF243449B4C8322FF82D6E2 Ref B: OSL30EDGE0515 Ref C: 2023-01-30T16:45:29Z
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: max-age=141207
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:29 GMT
Etag: "63d75ff3-1d7"
Expires: Wed, 01 Feb 2023 07:58:56 GMT
Last-Modified: Mon, 30 Jan 2023 06:13:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: max-age=141207
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:29 GMT
Etag: "63d75ff3-1d7"
Expires: Wed, 01 Feb 2023 07:58:56 GMT
Last-Modified: Mon, 30 Jan 2023 06:13:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 46eb0eb3a7c25615c95ca147a7e29a22
9ab373d20db6ee056f46e86ed39b4d46c4cfd825
b9ac2cf7531c8af7d2339e6c83913d4cc2c48e8ba470c0b240f09ef5f3288d02
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 16:45:29 GMT
Last-Modified: Mon, 30 Jan 2023 16:19:00 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jSTncrHqzxxeuXbiFTQ94opbGkry-ac3goGnvJJalrTXXGhpJwoGXA==
Age: 1589
www.facebook.com/tr/?id=776488579087398&ev=ViewContent&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&rl=&if=false&ts=1675097141833&cd[content_type]=product&cd[content_ids]=%5B%272059706%27%5D&cd[value]=511&cd[currency]=USD&cd[content_category]=&cd[content_name]=gotocom.xyz&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1675097141828.1147963586&it=1675097141213&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776488579087398&ev=ViewContent&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&rl=&if=false&ts=1675097141833&cd[content_type]=product&cd[content_ids]=%5B%272059706%27%5D&cd[value]=511&cd[currency]=USD&cd[content_category]=&cd[content_name]=gotocom.xyz&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1675097141828.1147963586&it=1675097141213&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776488579087398&ev=ViewContent&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&rl=&if=false&ts=1675097141833&cd[content_type]=product&cd[content_ids]=%5B%272059706%27%5D&cd[value]=511&cd[currency]=USD&cd[content_category]=&cd[content_name]=gotocom.xyz&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1675097141828.1147963586&it=1675097141213&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 16:45:29 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&rl=&if=false&ts=1675097141829&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675097141828.1147963586&it=1675097141213&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&rl=&if=false&ts=1675097141829&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675097141828.1147963586&it=1675097141213&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&rl=&if=false&ts=1675097141829&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675097141828.1147963586&it=1675097141213&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 16:45:29 GMT
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&optOut=false&bust=03991719519740585&referrer=
70.42.32.31200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&optOut=false&bust=03991719519740585&referrer=
IP 70.42.32.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&optOut=false&bust=03991719519740585&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:45:29 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 14b014b0c16c7bc498257ef5a0367148
tr.outbrain.com/cachedClickId?marketerId=undefined
70.42.32.31200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 70.42.32.31:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:45:29 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 24fb78b3b36a596941c527dc7fa753fe
c.clarity.ms/c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&MUID=1CE7977783CA6F4B1BAE85DE823F6E51
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&MUID=1CE7977783CA6F4B1BAE85DE823F6E51
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=FBAFBF55E8284FFFB1AF637324E20A96&MUID=1CE7977783CA6F4B1BAE85DE823F6E51 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 30-Jan-2023 16:55:29 GMT; path=/; SameSite=None; Secure;
date: Mon, 30 Jan 2023 16:45:28 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: max-age=141207
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:45:29 GMT
Etag: "63d75ff3-1d7"
Expires: Wed, 01 Feb 2023 07:58:56 GMT
Last-Modified: Mon, 30 Jan 2023 06:13:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1675097141037%26url%3Dhttps%253A%252F%252Fdomains.squadhelp.com%252Flpd%252Fname%252Fgotocom.xyz%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1675097141037%26url%3Dhttps%253A%252F%252Fdomains.squadhelp.com%252Flpd%252Fname%252Fgotocom.xyz%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1675097141037%26url%3Dhttps%253A%252F%252Fdomains.squadhelp.com%252Flpd%252Fname%252Fgotocom.xyz%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&185758a6-25f2-433e-8cea-4403266dc602"; Domain=.linkedin.com; Expires=Tue, 30-Jan-2024 16:45:29 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202301301645297cca3f26-a041-4251-87f6-1c09da8a7a43AQFRG375sKhSaSgjUlESwCN1g3ig4-Y_"; Domain=.www.linkedin.com; Expires=Tue, 30-Jan-2024 16:45:29 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUwOTcxMjk7MjswMjFl2mxL5RIpWDRIeKB31djKxeaPW59g5cpONKQh/o4QFA==; Domain=.linkedin.com; Expires=Sat, 29 Jul 2023 16:45:29 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2423:u=1:x=1:i=1675097129:t=1675183529:v=2:sig=AQE5lYuZOL9TZKGVp8AWfkv9Ks99OS3T"; Expires=Tue, 31 Jan 2023 16:45:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzffFY0fXF83aBVo8dOw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5402959BBB694B048F6CF8F24051613B Ref B: OSL30EDGE0114 Ref C: 2023-01-30T16:45:29Z
date: Mon, 30 Jan 2023 16:45:29 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
34.238.229.64200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 34.238.229.64:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Mon, 30 Jan 2023 16:45:29 GMT
Content-Length: 27
Connection: keep-alive
bam.nr-data.net/1/a159e7928d?a=126710130&v=1222.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=5174&ck=0&s=ed6ca763ff59f025&ref=https://domains.squadhelp.com/lpd/name/gotocom.xyz&ap=783&be=3185&fe=109&dc=92&perf=%7B%22timing%22:%7B%22of%22:1675097136477,%22n%22:0,%22f%22:673,%22dn%22:675,%22dne%22:681,%22c%22:684,%22s%22:688,%22ce%22:780,%22rq%22:780,%22rp%22:2185,%22rpe%22:2186,%22dl%22:2194,%22di%22:2643,%22ds%22:2656,%22de%22:2658,%22dc%22:3179,%22l%22:3179,%22le%22:3195%7D,%22navigation%22:%7B%7D%7D&fcp=2599&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/a159e7928d?a=126710130&v=1222.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=5174&ck=0&s=ed6ca763ff59f025&ref=https://domains.squadhelp.com/lpd/name/gotocom.xyz&ap=783&be=3185&fe=109&dc=92&perf=%7B%22timing%22:%7B%22of%22:1675097136477,%22n%22:0,%22f%22:673,%22dn%22:675,%22dne%22:681,%22c%22:684,%22s%22:688,%22ce%22:780,%22rq%22:780,%22rp%22:2185,%22rpe%22:2186,%22dl%22:2194,%22di%22:2643,%22ds%22:2656,%22de%22:2658,%22dc%22:3179,%22l%22:3179,%22le%22:3195%7D,%22navigation%22:%7B%7D%7D&fcp=2599&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/a159e7928d?a=126710130&v=1222.PROD&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=5174&ck=0&s=ed6ca763ff59f025&ref=https://domains.squadhelp.com/lpd/name/gotocom.xyz&ap=783&be=3185&fe=109&dc=92&perf=%7B%22timing%22:%7B%22of%22:1675097136477,%22n%22:0,%22f%22:673,%22dn%22:675,%22dne%22:681,%22c%22:684,%22s%22:688,%22ce%22:780,%22rq%22:780,%22rp%22:2185,%22rpe%22:2186,%22dl%22:2194,%22di%22:2643,%22ds%22:2656,%22de%22:2658,%22dc%22:3179,%22l%22:3179,%22le%22:3195%7D,%22navigation%22:%7B%7D%7D&fcp=2599&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:45:29 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 791bad9fdd1d0b3d-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
www.clarity.ms/tag/3xq9rdybkj
13.107.237.53200 OK 20 kB URL HTTP/2 www.clarity.ms/tag/3xq9rdybkj
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 845d796bf25e1075f80cc1d3556164bc
8f30bbd858567b262db77aacfbbc11300bf49458
3fbdff98786448d54bb66bf6e67268b92475b0e92c854765a0fc7e21ddcf94cb
GET /tag/3xq9rdybkj HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=46ed21301c9841d482fb10f0a6f96287.20230130.20240130; expires=Tue, 30 Jan 2024 16:45:28 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0KPTXYwAAAACUicyYfFPBQr/if8k+xqytQ1BIMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 30 Jan 2023 16:45:28 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1675097141037&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e694ee4d-d4bf-4dc3-8e50-9ac7057347a8"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 16:45:29 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2423:u=1:x=1:i=1675097129:t=1675183529:v=2:sig=AQE5lYuZOL9TZKGVp8AWfkv9Ks99OS3T"; Expires=Tue, 31 Jan 2023 16:45:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzffFb5DxRboyBNbeJyQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2AEC9418E36145CE89A8262D1CAF0CF9 Ref B: OSL30EDGE0114 Ref C: 2023-01-30T16:45:29Z
date: Mon, 30 Jan 2023 16:45:29 GMT
content-length: 0
X-Firefox-Spdy: h2
d.clarity.ms/collect
40.76.174.66204 No Content 0 B IP 40.76.174.66:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 47979
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://domains.squadhelp.com
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 16:45:29 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
34.238.229.64200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 34.238.229.64:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 3de04efc4015ef760b5eed5078974ef5
a55ad7164f46a4c559eaa9b4cd2b0e7418393d16
20e7dee83444a3ee6004a79c68f063db32916d41aa2558944aca4771aecc318e
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Origin: https://domains.squadhelp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Mon, 30 Jan 2023 16:45:29 GMT
Content-Length: 651
Connection: keep-alive
tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&t=gotocom.xyz%20is%20for%20sale&tip=m4fHjj9gbwz_0XgrpehXZaG1WjJ7dPGYGf0DRVE73UE&host=https://domains.squadhelp.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo
34.238.229.64200 OK 116 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&t=gotocom.xyz%20is%20for%20sale&tip=m4fHjj9gbwz_0XgrpehXZaG1WjJ7dPGYGf0DRVE73UE&host=https://domains.squadhelp.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo
IP 34.238.229.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9e29b9729014a4e6a0f9acf522daa07d
7ecad4e87388022ea224a8752b5ccf02aa3abcac
65d6fc76a8f26596cce60b33939093689c23e38cdc324343e82b3e7951ea84a1
GET /saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz&t=gotocom.xyz%20is%20for%20sale&tip=m4fHjj9gbwz_0XgrpehXZaG1WjJ7dPGYGf0DRVE73UE&host=https://domains.squadhelp.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://domains.squadhelp.com
Content-Type: text/plain; charset=utf-8
Date: Mon, 30 Jan 2023 16:45:29 GMT
Set-Cookie: sa-user-id=s%3A0-8a932d0c-43ec-453c-7763-be3e8bdb9f8b.4bRdS5FdoxlOm%2BcFmTaYoXT8Jkp17ZbAcpqegBwcxNw; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AipMtDEPsRTx3Y74-i9ufi1taKpo.O%2BumcxKnfDp3zGdnXfstDjO44diiWJ8K1Oi8nM4S178; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 116
Connection: keep-alive
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1675097141235&ver=36&isls=true&src=i&invt=1500&msa=1819&rv=1&tim=1675097142796&vi=1675097141233&ri=594c2f25969984ec7e441c8f163b0078&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1675097141235&ver=36&isls=true&src=i&invt=1500&msa=1819&rv=1&tim=1675097142796&vi=1675097141233&ri=594c2f25969984ec7e441c8f163b0078&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1675097141235&ver=36&isls=true&src=i&invt=1500&msa=1819&rv=1&tim=1675097142796&vi=1675097141233&ri=594c2f25969984ec7e441c8f163b0078&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 16:45:30 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://domains.squadhelp.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
domains.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.50.96200 OK 0 B URL HTTP/2 domains.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.50.96:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8d5f9db51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 16:45:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-arrow-right.svg
104.22.50.96200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-arrow-right.svg
IP 104.22.50.96:0
GET /html/html/static_images/icon-arrow-right.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:42 GMT
etag: W/"6345b436-e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 2430155
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ef9deb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
gotocom.xyz/
104.21.49.150302 Found 0 B IP 104.21.49.150:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gotocom.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 30 Jan 2023 16:45:24 GMT
content-type: text/html
location: https://domains.squadhelp.com/lpd/name/gotocom.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dYsZYrbeums7KQUOxb%2BLxJ6Bvi%2BIzAEvthwpWQ%2FlAUGDo%2FYZ5VXxAVNdmcp2FgVwcnXskj%2B%2Fzsfj8nJaOjsRZgNUScztZ5Tn6adB5ztwEkd9f0mGEmIau5l9f1ynA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bad816df70b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1344021/trc/3/json?tim=1675097141237&data=%7B%22id%22%3A167%2C%22ii%22%3A%22%2Fname%2Fgotocom.xyz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675097141233%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fgotocom.xyz%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675097141237%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.193.44200 OK 0 B URL HTTP/2 trc.taboola.com/1344021/trc/3/json?tim=1675097141237&data=%7B%22id%22%3A167%2C%22ii%22%3A%22%2Fname%2Fgotocom.xyz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675097141233%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fgotocom.xyz%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675097141237%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.193.44:0
GET /1344021/trc/3/json?tim=1675097141237&data=%7B%22id%22%3A167%2C%22ii%22%3A%22%2Fname%2Fgotocom.xyz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675097141233%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.squadhelp.com%2Fname%2Fgotocom.xyz%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675097141237%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Fgotocom.xyz%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 16:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675097129.784862,VS0,VE113
vary: Accept-Encoding
x-vcl-time-ms: 113
X-Firefox-Spdy: h2
qvdt3feo.com/events.js
54.86.204.64200 OK 0 B IP 54.86.204.64:0
GET /events.js HTTP/1.1
Host: qvdt3feo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domains.squadhelp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:29 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-phone-blue.svg
104.22.50.96200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-phone-blue.svg
IP 104.22.50.96:0
GET /html/html/static_images/icon-phone-blue.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:36 GMT
etag: W/"6345b430-3a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 2430155
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ef9e5b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-heart-color.svg
104.22.50.96200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-heart-color.svg
IP 104.22.50.96:0
GET /html/html/static_images/icon-heart-color.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:03 GMT
etag: W/"6345b40f-2dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 2430155
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ef9ddb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
domains.squadhelp.com/html/html/static_images/payment-method-paypal.svg
104.22.50.96200 OK 0 B URL HTTP/2 domains.squadhelp.com/html/html/static_images/payment-method-paypal.svg
IP 104.22.50.96:0
GET /html/html/static_images/payment-method-paypal.svg HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Jan 2023 13:11:11 GMT
etag: W/"63b2d7ef-b8260"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 352190
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8d4f87b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
domains.squadhelp.com/lpd/name/gotocom.xyz
104.22.50.96200 OK 0 B URL HTTP/2 domains.squadhelp.com/lpd/name/gotocom.xyz
IP 104.22.50.96:0
GET /lpd/name/gotocom.xyz HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Mon, 30 Jan 2023 16:45:25 GMT
set-cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=; path=/; expires=Mon, 30-Jan-23 17:15:25 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791bad83aa66b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
domains.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.22.50.96200 OK 0 B URL HTTP/2 domains.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.22.50.96:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: domains.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/lpd/name/gotocom.xyz
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:25 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8d5fa1b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 16:45:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
assets.calendly.com/assets/external/widget.css
172.66.43.26200 OK 0 B URL HTTP/2 assets.calendly.com/assets/external/widget.css
IP 172.66.43.26:0
GET /assets/external/widget.css HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: text/css
cf-ray: 791bad8deac61c02-OSL
age: 35
cache-control: public, max-age=300
etag: W/"397a083322efd65055fd33da0d62ee2c"
expires: Tue, 31 Jan 2023 16:45:26 GMT
last-modified: Fri, 20 Jan 2023 19:21:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: status=cannot_optimize
x-content-type-options: nosniff
set-cookie: __cf_bm=PAE75D1GAU8Lm78M7dZ_o79Hj0iERN93Q3G15mocchg-1675097126-0-AYe5RfKNSPItkjcsEow1NYxo6iIX2YpP85xzgB6xem/DS/SSszCQn6c2Njf3YEDCC9iKgIYzl55K0k1rOiinD64=; path=/; expires=Mon, 30-Jan-23 17:15:26 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/34987/domain/domains.squadhelp.com/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/34987/domain/domains.squadhelp.com/token
IP 54.230.111.112:0
GET /partner/34987/domain/domains.squadhelp.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://domains.squadhelp.com
Connection: keep-alive
Referer: https://domains.squadhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 16:16:42 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6zyN14AZMVHsB0dgTjzdJfpUbQJthxkIEtgyz6reG1V-9YDEOrvGhA==
age: 1726
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-phone.svg
104.22.50.96200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-phone.svg
IP 104.22.50.96:0
GET /html/html/static_images/icon-phone.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:38 GMT
etag: W/"6345b432-37c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4039272
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ed9b8b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-search.svg
104.22.50.96200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-search.svg
IP 104.22.50.96:0
GET /html/html/static_images/icon-search.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:38 GMT
etag: W/"6345b432-456"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 5695816
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8ec9b6b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.squadhelp.com/html/html/static_images/icon-chat-white.svg
104.22.50.96200 OK 0 B URL HTTP/2 www.squadhelp.com/html/html/static_images/icon-chat-white.svg
IP 104.22.50.96:0
GET /html/html/static_images/icon-chat-white.svg HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.squadhelp.com/var/1ae682199df69100177377a183804675.css
Cookie: __cf_bm=JMBK6IW4SO5o98iMgFtLNtttjIZG77VmAQvKGNwwLzk-1675097125-0-ATAV3VUu22rZtmZV1NXNZVeAKEuW0tGiNc4S8eVL446fqhU9NM8DAbAY+NvBYmrbEx55ZvLU76nNPEyTTYvEids=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:45:26 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Oct 2022 18:21:23 GMT
etag: W/"6345b423-615"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 4039272
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bad8f3a3db51d-OSL
content-encoding: br
X-Firefox-Spdy: h2