www.globezo.com/
52.20.84.62301 Moved Permanently 166 B IP 52.20.84.62:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET / HTTP/1.1
Host: www.globezo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Wed, 09 Nov 2022 08:43:17 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.squadhelp.com/name/globezo?lp=d
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14101
Expires: Wed, 09 Nov 2022 12:38:18 GMT
Date: Wed, 09 Nov 2022 08:43:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5285
Cache-Control: max-age=98159
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:17 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:59:16 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3386
Cache-Control: max-age=96260
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:17 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:27:37 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7856
Expires: Wed, 09 Nov 2022 10:54:13 GMT
Date: Wed, 09 Nov 2022 08:43:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tYZK7WUPYmMb+QO29AjE67BUEBtvoLm+LlZbH6GgEc3Epgmvo4VIiWRSyZQyBeNKauC/JZBaMHk=
x-amz-request-id: 1MHX65H973EPKFTH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 07:48:54 GMT
age: 3263
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c4d83c119cb46ec14cbcab2584447
27883e7952a7a5f10639b31b4ea86b4fbdea1cfa
bfd313376c3c4129389afbee289d354ea65aa3ed61b48993a9f3b81730e13bfb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BFD313376C3C4129389AFBEE289D354EA65AA3ED61B48993A9F3B81730E13BFB"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17962
Expires: Wed, 09 Nov 2022 13:42:39 GMT
Date: Wed, 09 Nov 2022 08:43:17 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 08:43:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6014
Cache-Control: max-age=93821
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:18 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:46:59 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uRRIFoUxZHpY1A4H86d4xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r4dACWLOgU9+QpE7vQL6p8kTEiI=
www.brandxy.com/name/Globezo.com
54.210.75.214200 OK 12 kB URL HTTP/1.1 www.brandxy.com/name/Globezo.com
IP 54.210.75.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10266)
Hash 97dcbf39725c01c12aa00917fa1fd529
6120e54cb89d756b31e859368399d1b7d43645ff
c1b076d3c3f32676a7667a95b9065f9a10ee303da443435586cdf2b5c9e836e1
Analyzer Verdict Alert fortinet Phishing
GET /name/Globezo.com HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 11521
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-options: nosniff
Set-Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; expires=Thu, 10-Nov-2022 08:43:19 GMT; Max-Age=86400; path=/
uhash=d332a45ffa14f2ee; expires=Thu, 09-Nov-2023 08:43:19 GMT; Max-Age=31536000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Backend-location: brandxy
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c4d83c119cb46ec14cbcab2584447
27883e7952a7a5f10639b31b4ea86b4fbdea1cfa
bfd313376c3c4129389afbee289d354ea65aa3ed61b48993a9f3b81730e13bfb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BFD313376C3C4129389AFBEE289D354EA65AA3ED61B48993A9F3B81730E13BFB"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17959
Expires: Wed, 09 Nov 2022 13:42:39 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1c2935de22fdca207596b7b20ad5c45
114733f9960306d18c5d48f374634acd9207fad9
09bf9d8a4983d278df7d7ff0c3c2fe8e41f3aa18dba9bd8b6314209849b450bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09BF9D8A4983D278DF7D7FF0C3C2FE8E41F3AA18DBA9BD8B6314209849B450BB"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15974
Expires: Wed, 09 Nov 2022 13:09:34 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1c2935de22fdca207596b7b20ad5c45
114733f9960306d18c5d48f374634acd9207fad9
09bf9d8a4983d278df7d7ff0c3c2fe8e41f3aa18dba9bd8b6314209849b450bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09BF9D8A4983D278DF7D7FF0C3C2FE8E41F3AA18DBA9BD8B6314209849B450BB"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15974
Expires: Wed, 09 Nov 2022 13:09:34 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4881
Expires: Wed, 09 Nov 2022 10:04:41 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4881
Expires: Wed, 09 Nov 2022 10:04:41 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4881
Expires: Wed, 09 Nov 2022 10:04:41 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4881
Expires: Wed, 09 Nov 2022 10:04:41 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4881
Expires: Wed, 09 Nov 2022 10:04:41 GMT
Date: Wed, 09 Nov 2022 08:43:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e265c87faef55af1d47d72286d93268a
b97207d04eced8e6412f60c3764cdb527cce26d0
bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: 28e2820b-5ba9-4f18-92e2-628af222a013
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHDutH0QoAMFUdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365e65d-29501eef1f15407d4c162d3b;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 04:28:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DeY5q5uKVOON3SX_Wsg1iH0HGNXtG3h6hNQ2dAp4501D5TwJjw8neg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 39570
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F279f7462-fb18-450d-9aa4-9167af2f9e3a.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F279f7462-fb18-450d-9aa4-9167af2f9e3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72636ec65cb199dbc4efa2b7eda450cb
a75c5224b4918c2b0db2cf8bddcb509bbc7909ba
dd2b43d2189ac8dd0369a32cad3c3c746a282f06783ca2666eab350ce7bcffbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F279f7462-fb18-450d-9aa4-9167af2f9e3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13684
x-amzn-requestid: 014aff7c-c59a-43ef-bd22-aa09f24c514d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bA1h3EtKoAMFpGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6363693e-2dfb305543140ca8031b2b0d;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 07:09:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vx2TzHAu1i_ssXsmaDhTnmWI3ZggvRUZgY3SOqDd44nMcihgj9U-Yw==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 07:44:44 GMT
age: 3516
etag: "a75c5224b4918c2b0db2cf8bddcb509bbc7909ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yq_iWDuX0BUgchE1acIl9ARNm1Zxd7bwoeTIEVoD9MYKGzwYmuM1aw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 39576
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fc93e21-4183-4c02-95b0-b3d44d9d41f6.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fc93e21-4183-4c02-95b0-b3d44d9d41f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c688c72a0a785ef6d485c2ba57ed11a
032f4a224f693fafc9e57e24d1e760e494c2b1e5
19990655154191d879c0b7c92cfed9e93b41eec55e6752e1b3f2ea95df542831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fc93e21-4183-4c02-95b0-b3d44d9d41f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: d5f757b6-d4b7-4311-9c39-014fa73e59b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDB3qGCToAMFQdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636449ca-29cb4d1873338ce60014656d;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 23:07:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m1mnKZ4KEpZoaN9_PZePiiYdN4fUJatgV4VB5YOn4dfd6J-jA6mR1Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 03:35:01 GMT
age: 18499
etag: "032f4a224f693fafc9e57e24d1e760e494c2b1e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 84864
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2690c9cc30d7974ed39c4d680d9cb93
132e96b7579376ccf4c868f33c8229ab534b45ea
c17b9b14a7347b0d4cd6ea2b5a44e47abc6e6cdba5c3ed082342da752eb6f8f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9792
x-amzn-requestid: 901422d7-08e6-46ac-a8a2-efd52057cde8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDvMGq2oAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7ffa-17055cbc5c8a0172775650a6;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:08:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gpFfSzKikjfuVfVxOVQDu8znJIQZPsokevZWivGPlsSKst68YF5tLQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:57 GMT
age: 39563
etag: "132e96b7579376ccf4c868f33c8229ab534b45ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-199
x-downloadsize: 0
x-bo-origindownloadtime: 9
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 2414e0768222b395117a761190ce8696
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-211
x-downloadsize: 0
x-bo-origindownloadtime: 9
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 4aa641d86d5d0eb6bac29f2fcb815c14
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1661571080-techesa-01.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1661571080-techesa-01.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1661571080-techesa-01.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1661571080-techesa-01.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-195
x-downloadsize: 0
x-bo-origindownloadtime: 10
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 98ad60e7fb0ca699f3d5e55f368fb124
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-194
x-downloadsize: 0
x-bo-origindownloadtime: 11
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 8bcdbda87c8dfac5739221d1367719d2
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/logo-image-36978-bankux.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/logo-image-36978-bankux.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/logo-image-36978-bankux.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/logo-image-36978-bankux.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-192
x-downloadsize: 0
x-bo-origindownloadtime: 10
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 7d4a1a6de284b1435d4947368b0e5e66
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1599473431-let%20it%20run.png?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1599473431-let%20it%20run.png?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1599473431-let%20it%20run.png?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1599473431-let%20it%20run.png?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-206
x-downloadsize: 0
x-bo-origindownloadtime: 14
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 55ce0901b0936dcc73e00e8f6b1a1fcf
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/logo-image-20742-globezo.jpg?class=show
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/logo-image-20742-globezo.jpg?class=show
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/logo-image-20742-globezo.jpg?class=show HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/logo-image-20742-globezo.jpg?class=show
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-208
x-downloadsize: 0
x-bo-origindownloadtime: 14
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 1db1c64c3be2f0bd630d40a6e5ec43c9
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-205
x-downloadsize: 0
x-bo-origindownloadtime: 15
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 21c67a83d5eb39e6574e35b0cba06ad3
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1667452637-Hugela-01.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1667452637-Hugela-01.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1667452637-Hugela-01.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1667452637-Hugela-01.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-194
x-downloadsize: 0
x-bo-origindownloadtime: 15
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 26b4cf4ddb89ab8f88ed5d41047879fd
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/logo-image-83733-findyna.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/logo-image-83733-findyna.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/logo-image-83733-findyna.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/logo-image-83733-findyna.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-209
x-downloadsize: 0
x-bo-origindownloadtime: 21
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: c898383d06a8c84df0287ed9023ec0ba
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1603757191-Globoza.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1603757191-Globoza.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1603757191-Globoza.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1603757191-Globoza.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-206
x-downloadsize: 0
x-bo-origindownloadtime: 28
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 7cce69191b46248d85164ea5a11022db
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1604914058-Globeza-100.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1604914058-Globeza-100.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1604914058-Globeza-100.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1604914058-Globeza-100.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-195
x-downloadsize: 0
x-bo-origindownloadtime: 11
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: c84978e10571f5d411c320457ec60d5f
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1607683947-1.png?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1607683947-1.png?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1607683947-1.png?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1607683947-1.png?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-199
x-downloadsize: 0
x-bo-origindownloadtime: 13
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 0a11d13add603cd05528a4aeeee26959
cdn-cache: MISS
X-Firefox-Spdy: h2
img.squadhelp.com/story_images/visual_images/1659919603-1-G-01.jpg?class=listing
194.242.11.186301 Moved Permanently 0 B URL HTTP/2 img.squadhelp.com/story_images/visual_images/1659919603-1-G-01.jpg?class=listing
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /story_images/visual_images/1659919603-1-G-01.jpg?class=listing HTTP/1.1
Host: img.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 08:43:20 GMT
content-length: 0
location: https://img-origin.squadhelp.com/story_images/visual_images/1659919603-1-G-01.jpg?class=listing
server: BunnyCDN-NO-830
cdn-pullzone: 720681
cdn-uid: f9d574da-6b07-4a25-a965-8797fec66609
cdn-requestcountrycode: NO
last-modified: Wed, 09 Nov 2022 08:43:20 GMT
x-bo-server: ASB-199
x-downloadsize: 0
x-bo-origindownloadtime: 17
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 11/09/2022 08:43:20
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 74389744bdf728ef4e375a7aff7dda90
cdn-cache: MISS
X-Firefox-Spdy: h2
www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
54.210.75.214200 OK 330 kB URL HTTP/1.1 www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
IP 54.210.75.214:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 330 kB (330230 bytes)
Hash 26c41d341f37e7f6e8b89042b5573778
c1c53ecfedbfb8bcffac02b9bfc90619e30b6bfb
552a2921bf6f85ef85e962a41fc510aea8715e6747b579fce9d71edb2b4db83d
GET /var/bfd41a3019e05e77b30790f9b1e6ff70.css HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: text/css
Content-Length: 330230
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 15:01:25 GMT
Vary: Accept-Encoding
ETag: "63691dc5-509f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-origin.squadhelp.com/story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing
104.22.53.96200 OK 34 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x450, components 3\012- data
Hash 1fac7dd91f6000f725012ce8169587a1
ad25e87335a2ddb5e1da29d6d91227b28ba453ca
519399c3624dfc6fd41b2660851eb8f56d73dfce9417929c52b72345bd4a3f03
GET /story_images/visual_images/1597008893-Caroxa2%20image1.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 34048
last-modified: Sun, 09 Aug 2020 21:34:53 GMT
etag: "5f306bfd-8500"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=8ESMmpwoGG3foqwFx1OtbvxHDD75abgvjcjQ_cK_Xxk-1667983400-0-AU334hcgkgDCZ6Y1Nve5xDKmPxP33f8GAJIhVOmSCg++w9/lwKFFQq6oH2ucC8G0tay5k65kdpb43eiqsL1Xbr4=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429b9c32b4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/static_images/approved.svg
54.210.75.214200 OK 40 kB URL HTTP/1.1 www.brandxy.com/static_images/approved.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (40082)
Hash 270c24af424acc9904430b1bff0efaea
7bcce911018f0b4ecb5a1b5fcd5315d0307c56e5
d118c878ff74f71af840ae2b3f429709fa342a0d76707048f2a0c2c5ccb9bc40
Analyzer Verdict Alert fortinet Phishing
GET /static_images/approved.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 40478
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 15:01:00 GMT
ETag: "631f49ac-9e1e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/static_images/home-icon1.png
54.210.75.214200 OK 5.2 kB URL HTTP/1.1 www.brandxy.com/static_images/home-icon1.png
IP 54.210.75.214:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash da16518781500b2d803dad4a760982d1
3ca0ea2fb551a82866a3837d2baca03675095b41
239a036ba9903a56ef9bf47bba54dbc02f2dcb74bde85cdd2015500a8cbc3a47
GET /static_images/home-icon1.png HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/png
Content-Length: 5219
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 23:17:37 GMT
ETag: "633e1091-1463"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/static_images/home-icon3.png
54.210.75.214200 OK 4.1 kB URL HTTP/1.1 www.brandxy.com/static_images/home-icon3.png
IP 54.210.75.214:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash e7fd2c6f76ad85f53c4973c5916e5518
5b93c7f98671a8723159feeadc4bef10699383bb
f457a48d31e069e637b0480fc60f51e29407fe354b6fb6468f6ef8522879f67d
GET /static_images/home-icon3.png HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/png
Content-Length: 4142
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 23:17:38 GMT
ETag: "633e1092-102e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-origin.squadhelp.com/story_images/visual_images/1603757191-Globoza.jpg?class=listing
104.22.53.96200 OK 74 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1603757191-Globoza.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x450, components 3\012- data
Hash ff43f685c8c1b2e6fe23ba993da1f4e0
81fb006867921e1dce284d8a7f4f9e00255d45e3
55e3d2409ef009c4885d74cba900bbe2b558d36d860681ecf0ec7b79a67095a6
GET /story_images/visual_images/1603757191-Globoza.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 73724
last-modified: Tue, 27 Oct 2020 00:06:31 GMT
etag: "5f976487-11ffc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=H0uYZztlQY0SFJnj9RPeGufoe7204Y4u7V8umgpMOTY-1667983400-0-AS030ks9wX5ndBnPJ/g+/JAr8V4jv5qlqmQnzhNoHibeexhTfzs9TYIsTz1JEiPVPDxwwKbRDgi9N1rp2ZTao1s=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bcc6cb4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/resources/views/frontend/sellers/theme5/imgs/video.png
54.210.75.214404 Not Found 162 B URL HTTP/1.1 www.brandxy.com/resources/views/frontend/sellers/theme5/imgs/video.png
IP 54.210.75.214:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /resources/views/frontend/sellers/theme5/imgs/video.png HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Vary: Accept-Encoding
www.googletagmanager.com/gtm.js?id=GTM-M6CM29
142.250.74.168200 OK 105 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M6CM29
IP 142.250.74.168:0
File type ASCII text, with very long lines (53438)
Size 105 kB (104812 bytes)
Hash 76b551330ff090eca3a7836ec9c7e223
2756550fc465a303acf8b4faa94c1f19a0f489ae
a729b2b3a9ff5a6f88f4d66f00e458d95883e971d10ca4b47c184e8403dda61a
GET /gtm.js?id=GTM-M6CM29 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 08:43:20 GMT
expires: Wed, 09 Nov 2022 08:43:20 GMT
cache-control: private, max-age=900
last-modified: Wed, 09 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104812
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.brandxy.com/static_images/home-icon2.png
54.210.75.214200 OK 3.4 kB URL HTTP/1.1 www.brandxy.com/static_images/home-icon2.png
IP 54.210.75.214:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ba836c04228984730b7b2d93122359c
977b173a51edb3d1fca78fc66ec2f57ca4566e3c
85a86290616eaeeeefceec31400a2d3870f110fbab15dcbf55d2743dc10d51ca
GET /static_images/home-icon2.png HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/png
Content-Length: 3373
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 23:17:38 GMT
ETag: "633e1092-d2d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-search.svg
54.210.75.214200 OK 1.1 kB URL HTTP/1.1 www.brandxy.com/html/static_images/icon-search.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1006)
Hash d8053c92d3fa9ce9de58e0b707951a85
c0ed281eb158ff54daeeea5fd12eed892e2a809f
363bbda5525787b0caefb6568005cdfcc80739ff0f9397b68145d9e8146b527c
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-search.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 1110
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:59 GMT
ETag: "6343148f-456"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-origin.squadhelp.com/story_images/visual_images/1661571080-techesa-01.jpg?class=listing
104.22.53.96200 OK 137 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1661571080-techesa-01.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1250x750, components 3\012- data
Size 137 kB (136616 bytes)
Hash 321b5a18085ec72969d907a4b90f3ca7
133582f7e8f4950ea7852a19967b7e9c464db0f2
b91ed478090693d4098b6d8456988129f70232f5310e9962844bd684a1621c02
GET /story_images/visual_images/1661571080-techesa-01.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 136616
last-modified: Sat, 27 Aug 2022 03:31:20 GMT
etag: "63099008-215a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=Fxr1fAI077rLXDABCc8uIhSV_ypFtFaFOCGYil_qCS8-1667983400-0-AfYJoCEUpDs8jgy9UrMAh+uqticWb4E/+MzDAYfUQft71n/tqAEBRD5kCiU1v7LfAh4CmMEZ4jm637esozYnsmE=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429b9c36b4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/var/b46b5fe82f0e9d06b00e81ed60bfb42a.js
54.210.75.214200 OK 382 kB URL HTTP/1.1 www.brandxy.com/var/b46b5fe82f0e9d06b00e81ed60bfb42a.js
IP 54.210.75.214:0
File type ASCII text, with very long lines (65469)
Size 382 kB (381821 bytes)
Hash b46b5fe82f0e9d06b00e81ed60bfb42a
6970d25480fc36d12615f7e5abe5860b5b3c0a2f
4652497572b28848cac265789f96dfd69fe3f7955220e001beba09b16e317e4d
Analyzer Verdict Alert fortinet Phishing
GET /var/b46b5fe82f0e9d06b00e81ed60bfb42a.js HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: application/x-javascript
Content-Length: 381821
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 14:51:39 GMT
Vary: Accept-Encoding
ETag: "636a6cfb-5d37d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.squadhelp.com/story_images/sm_images/1633945213-brandxy%20rect.png
104.22.53.96200 OK 16 kB URL HTTP/2 www.squadhelp.com/story_images/sm_images/1633945213-brandxy%20rect.png
IP 104.22.53.96:0
File type PNG image data, 913 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash f1a8a7b2284f1d5b31fc393956894c9a
ab6bbe62f32a91ad3df68355b24f9180e82e53c2
bfd18fca698dacb48b23a078453234d13d9cbf153c59740f4110dc51b430ec67
GET /story_images/sm_images/1633945213-brandxy%20rect.png HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/png
content-length: 16159
last-modified: Mon, 11 Oct 2021 09:40:13 GMT
etag: "6164067d-3f1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=gwSgG8X3gcPpzTNZATgfJYPBYXZ0_EsRk.KOa6X3UWk-1667983400-0-ARc921xTzODQMxSN3MErJxV/mbODWgweVY1bfCpq1yHqsWbak1NzdQ3m2OYSK56dgGRkWYzQLgQLh8FsJvFd/ec=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429acb26b4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2
54.210.75.214404 Not Found 162 B URL HTTP/1.1 www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2
IP 54.210.75.214:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
Analyzer Verdict Alert fortinet Phishing
GET /modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2 HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Vary: Accept-Encoding
www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2
54.210.75.214404 Not Found 162 B URL HTTP/1.1 www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2
IP 54.210.75.214:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
Analyzer Verdict Alert fortinet Phishing
GET /modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2 HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Vary: Accept-Encoding
www.brandxy.com/html/static_images/icon-caret-right.svg
54.210.75.214200 OK 486 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-caret-right.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (384)
Hash 1bbd3032cb998491c3ca6889d9c9959b
b8e0e38d8fd4a1f5a2ae6e313a2ee6e18b8c5626
05fa84ef9fc1abb675a2db35a87ca1b384047b68a8a6af7a80a9e1990b6b2141
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-caret-right.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 486
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:56 GMT
ETag: "6343148c-1e6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-arrow-long-right.svg
54.210.75.214200 OK 225 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-arrow-long-right.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c90d39f1f3e07caceadf406aa73d9399
35e1a9645e0c350d111fcb04a8952d4614c1c1fb
0b6f86d569ea4a17b522d2d0abf784872bcb7bd2e512c7a34bdc3a2f77fd946b
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-arrow-long-right.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 225
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:36:02 GMT
ETag: "63431492-e1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-origin.squadhelp.com/story_images/visual_images/1659919603-1-G-01.jpg?class=listing
104.22.53.96200 OK 104 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1659919603-1-G-01.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1250x750, components 3\012- data
Size 104 kB (103659 bytes)
Hash d71d4eae4f5b4320bb59057297c00b19
80e7781ec53f8551a8aaea86eb4b566d4b5cf02c
0481914321a8651dd19992506300f2081b382e05ef5253b7fe5ce385cf0bfd48
GET /story_images/visual_images/1659919603-1-G-01.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 103659
last-modified: Mon, 08 Aug 2022 00:46:43 GMT
etag: "62f05cf3-194eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=5KKjxHwpWibBRk8.7jb566ZaFKUNQABL9hiyRuSRLv0-1667983400-0-Ac1BmMzmVg747ceUCYcziNVZpewMu3FV6ry1OXqV+rJPoNvLwxOJWbFpZSYkULOrx8YrIMv1+zNoLvAXgMRNS0Q=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429c5d09b4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/html/static_images/icon-arrow-right.svg
54.210.75.214200 OK 225 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-arrow-right.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c90d39f1f3e07caceadf406aa73d9399
35e1a9645e0c350d111fcb04a8952d4614c1c1fb
0b6f86d569ea4a17b522d2d0abf784872bcb7bd2e512c7a34bdc3a2f77fd946b
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-arrow-right.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 225
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:36:03 GMT
ETag: "63431493-e1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-phone-blue.svg
54.210.75.214200 OK 937 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-phone-blue.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (833)
Hash 06f8b1eb35009266962ddcb5622144ce
3ed4c987b7fd9781a52162481095616578148afa
52e2434d7c55026de75bd6dac853bbc85f30c574f5a3104d5d7b270c21969890
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-phone-blue.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 937
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:58 GMT
ETag: "6343148e-3a9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-origin.squadhelp.com/story_images/visual_images/1599473431-let%20it%20run.png?class=listing
104.22.53.96200 OK 18 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1599473431-let%20it%20run.png?class=listing
IP 104.22.53.96:0
File type PNG image data, 751 x 451, 8-bit/color RGBA, non-interlaced\012- data
Hash 607b243ab22937680b58fdf777a94218
659f4247b85f0f99a7c59f4f74ea677fd75972a9
7afbf3f75babdb481d4b2ac144e662539cea7abc51a798c355460f3938152bd0
GET /story_images/visual_images/1599473431-let%20it%20run.png?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/png
content-length: 18171
last-modified: Mon, 07 Sep 2020 10:10:31 GMT
etag: "5f560717-46fb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=Y8IvW_BoPNcfLqpA4FSFQY_lgsrhCyhHd46ehv8AGNY-1667983400-0-AavMPMpgBa30eyX5IsxzHSj08qhr7eKZxbpF2gVQG7iPNNJ6lsA7HdzDX1oiHqy52Yig3u8CrF0bYWMTT82w42o=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bac4cb4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/html/static_images/icon-chat.svg
54.210.75.214200 OK 1.6 kB URL HTTP/1.1 www.brandxy.com/html/static_images/icon-chat.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1516)
Hash ba162c8f2f55ff5240b659a4b07c8563
97254241fd68282c9cecb89db526a383a3f62ad6
37a7a7f74821c860e89c66f188bb2457d121e5499dac94164bb0fdbb8c12c850
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-chat.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 1620
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:54 GMT
ETag: "6343148a-654"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-contact.svg
54.210.75.214200 OK 942 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-contact.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (840)
Hash 229a6c16dc8c44d4dad73f8609ee143c
fd2b1d9cddcbc4700eaa7932b65707264311b57d
66fee795cad42eda52b60d5c6c1c67ab8f08051acec118b872b6bf1b35fa30c8
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-contact.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 942
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:44 GMT
ETag: "63431480-3ae"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-check.svg
54.210.75.214200 OK 574 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-check.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 8aa995b8d0e99748b248cf09db3024c2
589df97cace0dfe8ae24e44748aeb2e181d1c078
45990917857545f2751078ce1a2fbb057dad50c93ee9fd063a87b106aee15854
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-check.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 574
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:51 GMT
ETag: "63431487-23e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-origin.squadhelp.com/story_images/visual_images/logo-image-36978-bankux.jpg?class=listing
104.22.53.96200 OK 101 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/logo-image-36978-bankux.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=[*0*], xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:10 11:55:20], baseline, precision 8, 750x450, components 3\012- data
Size 101 kB (100962 bytes)
Hash 0cf5539b1cd3edbae42001137c84635c
42dbc57beb07195e940ab4ffbe2a96d94dcd8552
168e2fe0aa083bdafae4ef2098806c30e00abb691d8ca9e32b7b6445776236ee
GET /story_images/visual_images/logo-image-36978-bankux.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 100962
last-modified: Mon, 01 Feb 2021 20:22:19 GMT
etag: "601862fb-18a62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=.w_JUH2ivxpdb53Q9UNcvkZUiLqF3E3l9tZYCl.Q2jU-1667983400-0-Aa2fR711rbwEQg6zUkQX5E/me45T5dXsJaU+H7eYwHOlymNWveJa1R90bheL99ILD/T45eJ4U4ONa1GjS0x9Wso=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bac49b4eb-OSL
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/search-insights@1.3.1
151.101.85.229200 OK 2.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/search-insights@1.3.1
IP 151.101.85.229:0
File type ASCII text, with very long lines (10262)
Hash f66557a8cde2590db029b6b8304378db
11bbbcd7974761b20ec50d17f4049977315d9d08
9ab7d5c8a5762c81158601720fd131bef233a57193e6daaa8d1ad26e5912f1d3
GET /npm/search-insights@1.3.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.3.1
x-jsd-version-type: version
etag: W/"2817-FGLI0cv/s1qAA3nM5zLdFEpck2Q"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:20 GMT
age: 1649890
x-served-by: cache-fra-eddf8230023-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2870
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:20 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff
54.210.75.214200 OK 18 kB URL HTTP/1.1 www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff
IP 54.210.75.214:0
File type Web Open Font Format, TrueType, length 17728, version 0.0\012- data
Hash d3e70bb9f3e0c92a66905d70ba60d740
e129b4004523abdb2c3ac06600dd306a90c279a8
9e6af695ebfa9ece4c4cc86253e8f916279b3520d693c666a1bcd169beb054d2
Analyzer Verdict Alert fortinet Phishing
GET /modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: application/x-font-woff
Content-Length: 17728
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 15:01:33 GMT
ETag: "4540-5e87c2be9789e"
Accept-Ranges: bytes
Cache-Control: max-age=315360000
Expires: Thu, 31 Dec 2037 23:55:55 GMT
www.brandxy.com/html/static_images/icon-question.svg
54.210.75.214200 OK 2.9 kB URL HTTP/1.1 www.brandxy.com/html/static_images/icon-question.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2760)
Hash 597de4ffd9f110a5666e755b5b44d6b2
b2b8b38b435f0cf0ab6b57832081603e8a194b5b
72854ba81c7ba7a5b5b7e647240453370d984bdce8aba91fd794d082510bd56b
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-question.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 2864
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:59 GMT
ETag: "6343148f-b30"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-plus.svg
54.210.75.214200 OK 815 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-plus.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (711)
Hash 3e51ffa9911e96708c2a8e204c9a1079
14bfbd98835d542eb14ec55a4c07866d5a6d3a39
02c2c90eb39ba1c81dbde8806bbec25454ed7b1639c167bf04d3c49135cbde50
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-plus.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 815
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:49 GMT
ETag: "63431485-32f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.brandxy.com/html/static_images/icon-play.svg
54.210.75.214200 OK 434 B URL HTTP/1.1 www.brandxy.com/html/static_images/icon-play.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash ecf88f6f1dcf9f6644db57a3ce78348d
b0523e011ae2f8e3994e6f35aa7427ad1e5c9a99
d735f9ccc37a66847ffd1dd5d5fdee85f9389a4955eac9bd16578d7c191b7f84
Analyzer Verdict Alert fortinet Phishing
GET /html/static_images/icon-play.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 434
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 18:35:50 GMT
ETag: "63431486-1b2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 7aa83ef698d71628e423ee7dcec453d7
7609762d472d7792bbb1acb9719fefe98e06852f
bda6af06f215095704639cb47f195625a1a2a23b2ac87c87da8ba47e5471bfe5
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4E0E1FFB07812E05D163B725E48C5864EC01BA8A"
Expires: Wed, 09 Nov 2022 19:00:00 GMT
Last-Modified: Wed, 09 Nov 2022 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1672
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767542a02bdc1c12-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 16e3578fa1505544015b83210552a798
259c90b288ad0d9809a86f849b5fccd8664536b9
7b7a4f45c3ce9567272642d075f71ea1258fd766865adb9d7791036a24818911
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2764
Cache-Control: max-age=171202
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:20 GMT
Etag: "636b571e-116"
Expires: Fri, 11 Nov 2022 08:16:42 GMT
Last-Modified: Wed, 09 Nov 2022 07:30:38 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
img-origin.squadhelp.com/story_images/visual_images/1604914058-Globeza-100.jpg?class=listing
104.22.53.96200 OK 72 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1604914058-Globeza-100.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x450, components 3\012- data
Hash fd11dec85f2dbde2b9727012b7817b09
dc87c790e4501df33660809291d71ef42c13bd93
d2980037a13b99cbe202d15babc9b446a33c8d6329e193fd905d7d5ef6250658
GET /story_images/visual_images/1604914058-Globeza-100.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:21 GMT
content-type: image/jpeg
content-length: 72493
last-modified: Mon, 09 Nov 2020 09:27:38 GMT
etag: "5fa90b8a-11b2d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=Lv9lnsMVMAMTi2fgv40o4qh9119GUrSANvtLkbTORUU-1667983401-0-AYTewLB3fdMNt5+O1nKXKQehvCw/83+85bFLw4pFTQUw+26Sy+2jNL9wP+mTz/cAlOz5LCj6T9QKLsC7yRLXwdQ=; path=/; expires=Wed, 09-Nov-22 09:13:21 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429c3cf0b4eb-OSL
X-Firefox-Spdy: h2
img-origin.squadhelp.com/story_images/visual_images/1667452637-Hugela-01.jpg?class=listing
104.22.53.96200 OK 154 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1667452637-Hugela-01.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1250x750, components 3\012- data
Size 154 kB (153781 bytes)
Hash b72f647c34b6b69bb1a5a8802c956a9e
991a36a53479e3be6a419aa4321266f610f880fc
07d7c2d9d4d397e9d87615bb8dcf947bda4b2dbfd175875546b843325d231196
GET /story_images/visual_images/1667452637-Hugela-01.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 153781
last-modified: Thu, 03 Nov 2022 05:17:17 GMT
etag: "63634edd-258b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=A7pMjS1fkm.RYUAyCneH.pyBuzgw00SWvl2TN251MhY-1667983400-0-AR6QypcAs+ZHFO8ymmRuEvFL8PODOzNkdOXZfFmZYpKoQ4XP6ujPns4wLGsiLjX5srM/kiTgeXpO2e2K9edHvbE=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bbc63b4eb-OSL
X-Firefox-Spdy: h2
img-origin.squadhelp.com/story_images/visual_images/1607683947-1.png?class=listing
104.22.53.96200 OK 46 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/1607683947-1.png?class=listing
IP 104.22.53.96:0
File type PNG image data, 1563 x 938, 8-bit/color RGBA, interlaced\012- data
Hash cc10b5876fca285ad7492963d6a163fe
10df5d584649559839817baa16058f37c9b36729
3d11e6a6a13e8fcc1b2c2ccb47e80d1d8992290c93f6d755e76eec31515eb455
GET /story_images/visual_images/1607683947-1.png?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:21 GMT
content-type: image/png
content-length: 45631
last-modified: Fri, 11 Dec 2020 10:52:27 GMT
etag: "5fd34f6b-b23f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=S9kQwfYSKSuAC.ek8Jp.7MQSM7oKcy4Mb30Y_TSD0JI-1667983401-0-AY6JuC/pB/Tt/qZ/jNqTT/Jdu2sntaNLIaYJKJIYZDb9WCo0Vbn9ZMhiG1rvGUCeTEPMTA81IM0j88/kkdD4lRw=; path=/; expires=Wed, 09-Nov-22 09:13:21 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429c4d03b4eb-OSL
X-Firefox-Spdy: h2
img-origin.squadhelp.com/story_images/visual_images/logo-image-20742-globezo.jpg?class=show
104.22.53.96200 OK 195 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/logo-image-20742-globezo.jpg?class=show
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop Lightroom 5.6 (Windows), datetime=2020:08:10 21:15:49], baseline, precision 8, 750x450, components 3\012- data
Size 195 kB (194830 bytes)
Hash ced693378e350e5e8a60a42bb11493de
9caf92c219319db11669d30d8f237ed48dd41103
d7edea07301cd2e67a460037844d54f261aeff907949309547264b8846688561
GET /story_images/visual_images/logo-image-20742-globezo.jpg?class=show HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 194830
last-modified: Tue, 11 Oct 2022 17:23:01 GMT
etag: "6345a675-2f90e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=gdQOuVTVtkB.IgsCqkcPVmE3u5me2TeH6hgquK7y4Pg-1667983400-0-AfiI8kexhuK59PDVnm7bZaDEamEoNBeAwiSQ7QszbbPEKvn0KOdpErXXmGzO0BCVS5B6Lez7qeOmypQVGNLcK78=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bac4eb4eb-OSL
X-Firefox-Spdy: h2
img-origin.squadhelp.com/story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing
104.22.53.96200 OK 185 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop Lightroom 5.6 (Windows), datetime=2020:08:10 21:22:50], baseline, precision 8, 750x450, components 3\012- data
Size 185 kB (184868 bytes)
Hash e178bf747a86de9965119e0a288ae4c7
19392738b4852e175bc569db82e8c212a7e27eee
d644527965dba101c4e1bad278280060246cc538ef6d5d0cb14463515f602c91
GET /story_images/visual_images/logo-image-88730-l-2.net.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 184868
last-modified: Mon, 01 Feb 2021 20:25:50 GMT
etag: "601863ce-2d224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=Jyd_bB8lNCQ5LqnTu2cm5aJwpjiMlPvUvKTh59iOx3Y-1667983400-0-Adh8+QRKDaIHNcrpzMayC9dfcjbir/bL8lKdbf3w21rlkRUrnrN0X63dvpffHlrUIr6N6GeywM+Ep8cyiTZvW5Y=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bac41b4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff
54.210.75.214200 OK 25 kB URL HTTP/1.1 www.brandxy.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff
IP 54.210.75.214:0
File type Web Open Font Format, TrueType, length 25024, version 0.0\012- data
Hash 64a4009279239d381f2b23101abb2a10
d7449396c6136b08d2d30a9555a4087e2dc58398
c30a3a787d2b79b2b86e912fe423db6e4e1d73be0589bf5b0060f6f2e3ff73b6
Analyzer Verdict Alert fortinet Phishing
GET /modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.brandxy.com/var/bfd41a3019e05e77b30790f9b1e6ff70.css
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: application/x-font-woff
Content-Length: 25024
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 15:01:33 GMT
ETag: "61c0-5e87c2be58105"
Accept-Ranges: bytes
Cache-Control: max-age=315360000
Expires: Thu, 31 Dec 2037 23:55:55 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0ae3b3efc0739a95f1d6e9666c35b5c
bbd35d3bfbee7a4a73d07c4427674f538a090283
4c042ce76fbe62c6b01878baf4ef99fd0d7da60d0fc1a77658ea24f70e5104ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C042CE76FBE62C6B01878BAF4EF99FD0D7DA60D0FC1A77658EA24F70E5104EA"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17650
Expires: Wed, 09 Nov 2022 13:37:31 GMT
Date: Wed, 09 Nov 2022 08:43:21 GMT
Connection: keep-alive
img-origin.squadhelp.com/story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing
104.22.53.96200 OK 131 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop Lightroom 5.6 (Windows), datetime=2020:08:10 20:55:21], baseline, precision 8, 750x450, components 3\012- data
Size 131 kB (131399 bytes)
Hash d24c36ed48df921fdf7ec7ec2d1c3fe3
4aad9eed7e0b2eaa27a8afaf7a5630778a499c80
353169e7abb72f60a0f76ec622010442e0ec81f0c83dff1d3a0515a3c5165862
GET /story_images/visual_images/logo-image-28820-networkzo.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:21 GMT
content-type: image/jpeg
content-length: 131399
last-modified: Wed, 17 Nov 2021 11:55:04 GMT
etag: "6194ed98-20147"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=7qJxVR7UAGnlxXng97L_BxdGVBlqH20e0jQUmVbgj58-1667983401-0-ARwLVRx0vUqe2S8du9MWWewLFraKjMF326sC+REe54lrGYWjuv5zQrUkhgnrE3EmrwPLslD5elCFYArfbdLFpRE=; path=/; expires=Wed, 09-Nov-22 09:13:21 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bbc61b4eb-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash cd7d02839e0c53efd891d44fcbb9b1ad
b83c437a8d87a2c63587692bff84753d58570d1d
ce19f648db02ac120dee547542dc1558b2981f4aa2d655256b7f2904bac095af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6023
Cache-Control: max-age=120464
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Etag: "636a8432-2d7"
Expires: Thu, 10 Nov 2022 18:11:05 GMT
Last-Modified: Tue, 08 Nov 2022 16:30:42 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 727
www.brandxy.com/html/images/payment-method.svg
54.210.75.214200 OK 754 kB URL HTTP/1.1 www.brandxy.com/html/images/payment-method.svg
IP 54.210.75.214:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (63377)
Size 754 kB (754272 bytes)
Hash e3e3c548e343fac327a66ac5e6d06a6e
e245fd7d6c47fe9dba455367f2e1d3ad4cdd7743
8c4cb7253b088bd201143f25af8067ed237dfa262ec3c8c93da49d2efab86522
Analyzer Verdict Alert fortinet Phishing
GET /html/images/payment-method.svg HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 754272
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 01:08:52 GMT
ETag: "635f2024-b8260"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F720893092&domain=www.brandxy.com&id=720893092&autoplay=0
162.159.138.60200 OK 606 B URL HTTP/1.1 vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F720893092&domain=www.brandxy.com&id=720893092&autoplay=0
IP 162.159.138.60:0
File type JSON data\012- , ASCII text, with very long lines (1207), with no line terminators
Hash 1b8f17b08757f9ca6a8b9a89201b648e
93816ebaa548dcc36c4294e77edbe0de5420dcff
5da5f3386713614c57a271a5aa3c506040b9de4299f633382f61afd8e1605b53
GET /api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F720893092&domain=www.brandxy.com&id=720893092&autoplay=0 HTTP/1.1
Host: vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Type: application/json
Content-Length: 606
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Wed, 09 Nov 2022 08:17:45 GMT
etag: "a1fe56047bd6788ed53c26dafdb61b7f1d740766"
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
x-bapp-server: pweb-79ddf4f478-hg82d
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: webproxy-rollout-prod-varnish-5
x-backend-proxy: webproxy6
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-iad-kjyo7100077-IAD, cache-cph2320034-CPH
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1667983401.013257,VS0,VE153
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=y_oJYHer8LmVznJhOh0yMQV.iAVPZ4fV8qDWBL60CLY-1667983401-0-ATjko1/uR/TjLtxDaaz0x1XHm3gRZXR8f73rsANuQsAciZl1NJERBBgxAGijUT0ISAe9YjcWsqhpgBOl+kGn1y4=; path=/; expires=Wed, 09-Nov-22 09:13:21 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 767542a039481bfe-OSL
img-origin.squadhelp.com/story_images/visual_images/logo-image-83733-findyna.jpg?class=listing
104.22.53.96200 OK 262 kB URL HTTP/2 img-origin.squadhelp.com/story_images/visual_images/logo-image-83733-findyna.jpg?class=listing
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=[*0*], xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:10 11:52:12], baseline, precision 8, 750x450, components 3\012- data
Size 262 kB (261463 bytes)
Hash 8a3decbd458619e732d684ca2a62ef91
60791e38a87943a133f8ea649f9e249d3b9463ed
4d9def73ba4c7aaf2db2f0bbbcb7d1e3f0d6ff9a38353323106a90dddf856e7a
GET /story_images/visual_images/logo-image-83733-findyna.jpg?class=listing HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:21 GMT
content-type: image/jpeg
content-length: 261463
last-modified: Tue, 12 Jul 2022 13:40:54 GMT
etag: "62cd79e6-3fd57"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=fJPVJD2JtWvpTeRcDJkZMR_hzRoMFkiKaXIP2gEK41M-1667983401-0-AVGBilQUCDtJP/3tfMKrJ+GeA+H+kUzIGU8J3D59JiCg7qkPMGZjpWtwbG19ldBfbHBhRfT1qqqSjBRnPr2LgBA=; path=/; expires=Wed, 09-Nov-22 09:13:21 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429bcc6ab4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/geo-business-names/bubble-theme-dynamic-data
54.210.75.214404 Not Found 52 kB URL HTTP/1.1 www.brandxy.com/geo-business-names/bubble-theme-dynamic-data
IP 54.210.75.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10234)
Hash c39ad39c644616ed3992066b656129dd
c395b92027b2b4d6bb4e0eb555f09898ea53d507
0d0cc174db71f78e2650007473d5817365d1584cc66ee4da7b8512cbf57e56df
Analyzer Verdict Alert fortinet Phishing
GET /geo-business-names/bubble-theme-dynamic-data HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee; _gcl_au=1.1.143446682.1667983398; ahash=PjdeX3WBs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-options: nosniff
www.squadhelp.com/domain_audios/globezo-224.mp3
104.22.53.96206 Partial Content 46 kB URL HTTP/2 www.squadhelp.com/domain_audios/globezo-224.mp3
IP 104.22.53.96:0
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 24 kHz, Monaural\012- data
Hash 998de39d9324341224a8d05d686f8152
decf59509e5a1e7e6cb0b33df58e480951f2d1e9
93baaf85ef52bed451b88ff3db8bce8ff05e777b1d95835e8a0cebd134268c8c
GET /domain_audios/globezo-224.mp3 HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.brandxy.com/
Cookie: __cf_bm=8ESMmpwoGG3foqwFx1OtbvxHDD75abgvjcjQ_cK_Xxk-1667983400-0-AU334hcgkgDCZ6Y1Nve5xDKmPxP33f8GAJIhVOmSCg++w9/lwKFFQq6oH2ucC8G0tay5k65kdpb43eiqsL1Xbr4=
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Wed, 09 Nov 2022 08:43:21 GMT
content-type: audio/mpeg
content-length: 46125
last-modified: Tue, 11 Oct 2022 17:25:22 GMT
etag: "6345a702-b42d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: MISS
content-range: bytes 0-46124/46125
server: cloudflare
cf-ray: 7675429dee95b4eb-OSL
X-Firefox-Spdy: h2
q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
3.209.46.33200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
IP 3.209.46.33:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 09 Nov 2022 08:43:21 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,76203376e87ba9ae4a2d7b581db1e870,10.0.0.208,28386,91.90.42.154,,76178318125,1,1667983401.259,0.001,,.,0,0,0.000,0.004,-,0,0,197,118,59,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
img-origin.squadhelp.com/story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq
104.22.53.96200 OK 292 kB URL HTTP/2 img-origin.squadhelp.com/story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq
IP 104.22.53.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop Lightroom 5.6 (Windows), datetime=2020:08:10 19:44:11], baseline, precision 8, 600x600, components 3\012- data
Size 292 kB (291706 bytes)
Hash 3bb9da67308660f1cda3c478c0081ea7
caa9140a73d2435971e3cc44b80030d71ad8dd21
f1a8951e39fc9ee83b336f329ec37c287f5747442d84444fe3ca39f8a021d059
GET /story_images/mp_sale_images/sale-image-48750-globezo.jpg?class=showsq HTTP/1.1
Host: img-origin.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:20 GMT
content-type: image/jpeg
content-length: 291706
last-modified: Tue, 11 Oct 2022 17:23:01 GMT
etag: "6345a675-4737a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=FJbEn1.8bzWhcAE5QJY09sE4Y28OlxuEjHcTmZp3O0g-1667983400-0-AW/sCj0gQkZSDDDLbWR+HBWoZRyUcgtxigxfYbzm1Sbm9wQ2PfV3xQJlJwiyleczghul9TEfyHgDl6sVX5hQfO0=; path=/; expires=Wed, 09-Nov-22 09:13:20 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675429b9c34b4eb-OSL
X-Firefox-Spdy: h2
www.brandxy.com/geo-business-names/dynamic-data-lp?domain_id=116420
54.210.75.214404 Not Found 52 kB URL HTTP/1.1 www.brandxy.com/geo-business-names/dynamic-data-lp?domain_id=116420
IP 54.210.75.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10234)
Hash 5244495407a6949be9fb1b82614989af
380c63b7e1ed0553d08b3e01609ac933a1002181
02d2a6a4edf09a80fbcde435e72e4b0f6f796a642f570686b09539d35c69f34d
GET /geo-business-names/dynamic-data-lp?domain_id=116420 HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee; _gcl_au=1.1.143446682.1667983398; ahash=PjdeX3WBs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 81387af62d2831245bdbf07effde75f0
5ed26463b4af8f4776a1d5113b74c6ccdd24a6e0
92e8c57ccf0ed13308f7493a61716038ff8d84b00c09d955828191a3bda24ac2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4779
Cache-Control: max-age=119251
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Etag: "636a8451-117"
Expires: Thu, 10 Nov 2022 17:50:52 GMT
Last-Modified: Tue, 08 Nov 2022 16:31:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
acsbapp.com/apps/app/dist/js/app.js
138.128.247.123200 OK 142 kB URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 138.128.247.123:0
File type Unicode text, UTF-8 text, with very long lines (61000), with no line terminators
Size 142 kB (142347 bytes)
Hash 09e8b17fe8fb4fd2f6bd3e814adeb976
05f09e2001c9bfc7bd0ada6831b4edaeb1fc2f08
fd0952431ab51c8c8a234b8df7917f7b0bba2a67c06e9fa27697ce7b476fb571
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Thu, 10 Nov 2022 08:43:21 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Nov 2022 18:06:07 GMT
etag: "6aab4-6361600f-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142347
date: Wed, 09 Nov 2022 08:43:21 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
player.vimeo.com/video/720893092?h=eddf4f3cf1&app_id=122963
162.159.138.60200 OK 6.3 kB URL HTTP/1.1 player.vimeo.com/video/720893092?h=eddf4f3cf1&app_id=122963
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20593), with no line terminators
Hash 0dd9c00531de073588e5130ef5871a46
df536308377764fc6bfa241dab4e440b3957a09a
8309a3872bde6d9a0202cb227377bd79e5efef623d466a2f5ded16a8043d3d5c
GET /video/720893092?h=eddf4f3cf1&app_id=122963 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Wed, 09 Nov 2022 08:51:41 GMT
x-host: player-7486488c59-hz486
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-2
x-backend-proxy: playproxy3
x-bapp-server: player-7486488c59-hz486
Age: 0
X-Served-By: cache-cph2320046-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1667983401.465217,VS0,VE140
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=l3OzrnEKoUN5HQKK3Od2khz0TFlMQr.9Nsh2t71qa7s-1667983401-0-AUh1aU2efFkOUdNwB5nvTfGmUshf4EtpJ2czfwYRfbDC+I6fvUquGp7iNVjGvU3LfCUAhf8+cn+HNdz17FLt1+M=; path=/; expires=Wed, 09-Nov-22 09:13:21 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 767542a31dad0b61-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5032
Cache-Control: max-age=109735
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:12:16 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 472 B URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (996)
Hash 9c84a489651025d1173e25b763aa9512
f11ffd7fc8aebb12204163c8c7de63e15b7f1a7e
a0690bf498581eb6f63de50ec2aa642fa995a4ff24bdc455aa449472ee21feb8
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=57997
date: Wed, 09 Nov 2022 08:43:21 GMT
content-length: 472
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 09 Nov 2022 08:41:09 GMT
expires: Wed, 09 Nov 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 132
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16552), with no line terminators
Hash 38a8be937d3c70d6b958f405a6e0c57d
6b4594e34727d4d742dafdf1ec44fcd68c3a319e
d2bd7faeefb6c5984a48895a162f4e2ecf4652e08849d80ef0f081a9fb276aca
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "a05460a8aed7658751ea12272388692e:1667982290.710847"
Last-Modified: Wed, 09 Nov 2022 08:19:29 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 09 Nov 2022 09:03:21 GMT
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Length: 5294
Connection: keep-alive
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e68ceaeba1b99548159ea2952a6f7f9c
2a3ecb1e5245e8d296ccdcb1bc139b3119460e97
fd4a418f0a67fc363fee8320bb7e11c4e5caa79325c6e80c7233d8f20e815f83
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5kxu6U6qCKFHjAaQs2B2u4N1oXnz2mIU8HducPx+DSQ6mchg95oyGN5MqsKKSfMJLwzOZnO1Jx/HoXLgLCnk6A==
content-length: 27815
x-fb-trip-id: 1904183273
date: Wed, 09 Nov 2022 08:43:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/unip/1344021/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1344021/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58510)
Hash 3471c83f301b075ceb253b3c90e61e6b
2a9cab420b393d174c1aa10980dbd58838aa2f3a
5148cdb42765343f198a1a723bdee7cb20101f625b8856fcebb3ab28cf1e4145
GET /libtrc/unip/1344021/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 208M73buYhcb1krkaxeeT3Vg9xLdt6iCmpXbcAXFZKGfybvMEV5hE4xYrT3EZCTF1V2v8Yh4S+8=
x-amz-request-id: 3W7PMW72JBDFS9V1
x-amz-replication-status: PENDING
last-modified: Sun, 06 Nov 2022 11:16:22 GMT
etag: "950fec2a5013ecdaed4f94a23dc19cc7"
x-amz-version-id: w9yt9gr1Yu4jwr9e.S1mLWwb4nlpa8vJ
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
via: 1.1 varnish
age: 17
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667983402.679216,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 47
content-length: 17952
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397842&cv=11&fst=1667983397842&bg=ffffff&guid=ON&async=1>m=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 891 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397842&cv=11&fst=1667983397842&bg=ffffff&guid=ON&async=1>m=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (1895), with no line terminators
Hash 1b00cbba1e296341e69b74200a2434d3
6b28820ea00759670524044b2e1998c9d11780fa
56c81824eaac0072feb32c70a77fc6605af64b0508a329bd62a7eee15fb6155e
GET /pagead/viewthroughconversion/1030947153/?random=1667983397842&cv=11&fst=1667983397842&bg=ffffff&guid=ON&async=1>m=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 891
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 08:58:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash babb0d09b27851a7c080c2843211eb91
cf41327a7f5a83c8343e85741bc34cb53050449a
adc4ea8ee48fd9337d951234bd345899ddb116cad409265ee2cf01733ac82e84
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11376
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=1E67D3ED4E736F872399C1BA4F866E10; domain=.bing.com; expires=Mon, 04-Dec-2023 08:43:21 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D6B33B9B2CF4741806D55DFFD6CF379 Ref B: OSL30EDGE0517 Ref C: 2022-11-09T08:43:21Z
date: Wed, 09 Nov 2022 08:43:20 GMT
X-Firefox-Spdy: h2
www.brandxy.com/favicon.ico
54.210.75.214200 OK 1.0 kB URL HTTP/1.1 www.brandxy.com/favicon.ico
IP 54.210.75.214:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1504f785a65bf56ab21f3fe867a96f0e
4facb4c315e00d52ae2a5862936dd5795678ee05
38565e8e330d53df0489d117e37d016cb9abe5b811d48c2049810a605f55b447
GET /favicon.ico HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee; _gcl_au=1.1.143446682.1667983398; ahash=PjdeX3WBs; lpg=/name/globezo; _rdt_uuid=1667983397942.d15dc19a-929c-4469-8c0a-77b45f78ab4c; _ga_VJ36JWQDE1=GS1.1.1667983397.1.1.1667983397.0.0.0; _ga=GA1.1.1798519934.1667983398; _ALGOLIA=anonymous-6e53eac4-bcd2-4b87-88a7-7c2d123e17bc; user_navigation_history=/name/Globezo.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Type: image/x-icon
Content-Length: 1005
Connection: keep-alive
Last-Modified: Thu, 13 Aug 2015 11:52:45 GMT
ETag: "55cc850d-3ed"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397572&cv=11&fst=1667983397572&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4
172.217.21.162200 OK 894 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397572&cv=11&fst=1667983397572&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (1905), with no line terminators
Hash 437f9bcd794c55f62f1999a4a20d6711
a35936c608d3a4fd3f87b1e5eada788b51e3b2ab
216a08174b75361c31205665ff18fd2df11b70656d07ae7177c3993e47f86652
GET /pagead/viewthroughconversion/1030947153/?random=1667983397572&cv=11&fst=1667983397572&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 894
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 08:58:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397614&cv=11&fst=1667983397614&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=W8iuCN6Ppc4CENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&rfmt=3&fmt=4
172.217.21.162200 OK 921 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397614&cv=11&fst=1667983397614&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=W8iuCN6Ppc4CENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (1926), with no line terminators
Hash 4637c129c12ae3125f6a390aae41efba
f417040f9c8fac470dbe6ce8f00bbd6dce66ebdf
b9c7e3fba34b2ffbdec5268ca8dde6d5ce08391ab38104cd11b7596536bbb81e
GET /pagead/viewthroughconversion/1030947153/?random=1667983397614&cv=11&fst=1667983397614&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=W8iuCN6Ppc4CENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&auid=143446682.1667983398&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 921
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 08:58:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&ct_cookie_present=1
172.217.21.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&ct_cookie_present=1
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 08:58:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5032
Cache-Control: max-age=109735
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:12:16 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
f.vimeocdn.com/p/4.13.2/css/player.css
151.101.86.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.13.2/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 9cffff599bf7157ce18611ba14e0abba
f79a239bf94f2f7a83b90040c0c90f73d57f11ec
135e3378f27f81e61a3f5a7e1bbb1f13f59ff5a7cbffe7806ab4d47675f511c4
GET /p/4.13.2/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
age: 125045
x-served-by: cache-iad-kjyo7100020-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 60, 29591
x-timer: S1667983402.755056,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20326
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85
151.101.86.109200 OK 1.5 kB URL HTTP/2 i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 5e87158ee30c950b032e6335be012e5b
469828cd2eb6bef44f0a91b4a864318ac99af3c9
2351ff70736da33512a32489ea9bf8c6b68bc6dcc6e9275f105e6db5ac42d90a
GET /video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 5e87158ee30c950b032e6335be012e5b
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-njkb
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
age: 1281670
x-served-by: cache-dfw-kdfw8210022-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 532, 4992
x-timer: S1667983402.785183,VS0,VE0
content-length: 1518
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/rp.gif?ts=1667983397943&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d15dc19a-929c-4469-8c0a-77b45f78ab4c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.85.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1667983397943&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d15dc19a-929c-4469-8c0a-77b45f78ab4c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1667983397943&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d15dc19a-929c-4469-8c0a-77b45f78ab4c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/p/4.13.2/js/player.module.js
151.101.86.109200 OK 114 kB URL HTTP/2 f.vimeocdn.com/p/4.13.2/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 114 kB (113604 bytes)
Hash ee481cfb844b5f8cbdfcb86dc09df76c
776335470296e72405ae3e9baeb759cfa713ab85
af37d4de7105ba93e9ce592d86c1086bb3921c1b3a7f8dbb37d11ddc50ce5da0
GET /p/4.13.2/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
age: 125045
x-served-by: cache-iad-kjyo7100117-IAD, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 21562
x-timer: S1667983402.819481,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 113604
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a16eca5b7198809dbb358c9b79d23470
80e695eb195bb09567e8a88ed278e4ae0c86bc89
5dde9d11b7ba2443529aec9b34a044529f2f93e3b609486d762d3d0e0e886277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6526
Cache-Control: max-age=104405
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:21 GMT
Etag: "636a4380-139"
Expires: Thu, 10 Nov 2022 13:43:26 GMT
Last-Modified: Tue, 08 Nov 2022 11:54:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 7ad9d2347ab8e62ce95e5a6643371727
c064e801ecbe3febf0b6291b5115c0ba25c69395
14d47aa299018ca7f582ea39a17637491b110c1bd1eb7b5020d647958add7598
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157784
Date: Wed, 09 Nov 2022 08:43:21 GMT
Etag: "636b28ad-1d7"
Expires: Fri, 11 Nov 2022 04:33:05 GMT
Last-Modified: Wed, 09 Nov 2022 04:12:29 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UTljDxEh0XTQflQ_7471R7JWaAa5urBMXwTHGPPNEYHNipwY7TK4AA==
Age: 1236
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7b5fb8b4c074b35d738707fcb818a426
806447c7d48be02484c1c16a41d6800fbc34ca5b
14ccedeb48c0bafe89843256ac5ad0f286fcbd48167c710fc551653d84bdfcc3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 15:27:38 GMT
Expires: Mon, 14 Nov 2022 15:27:37 GMT
Etag: "806447c7d48be02484c1c16a41d6800fbc34ca5b"
Cache-Control: max-age=455655,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767542a31aa1b4f4-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oeb70&_p=1548466490&cid=1798519934.1667983398&ul=en-us&sr=1280x1024&_s=1&sid=1667983397&sct=1&seg=0&dl=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&dt=Globezo.com%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VJ36JWQDE1>m=2oeb70&_p=1548466490&cid=1798519934.1667983398&ul=en-us&sr=1280x1024&_s=1&sid=1667983397&sct=1&seg=0&dl=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&dt=Globezo.com%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VJ36JWQDE1>m=2oeb70&_p=1548466490&cid=1798519934.1667983398&ul=en-us&sr=1280x1024&_s=1&sid=1667983397&sct=1&seg=0&dl=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&dt=Globezo.com%20is%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.brandxy.com
date: Wed, 09 Nov 2022 08:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.13.2/js/vendor.module.js
151.101.86.109200 OK 118 kB URL HTTP/2 f.vimeocdn.com/p/4.13.2/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Size 118 kB (117859 bytes)
Hash efda7cb04bdc9ecd62dd32f87553e470
869a056b3fe764b4b76a2b4a27ee4a519dacc3e4
33a816685cbe9284179da694713c8d2e7e12c37f9949cd7297edcbdafd102995
GET /p/4.13.2/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:21 GMT
age: 125045
x-served-by: cache-iad-kiad7000083-IAD, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 27699
x-timer: S1667983402.959460,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 117859
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/events.js
54.227.177.109200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 54.227.177.109:0
File type ASCII text, with very long lines (16677)
Hash 3e86a713dc87955a5bcf3bf7240c52db
2fcdb1a68eafb6791612347464367fdd46b89a8d
c33e929177042aad2cfa22208b45f7e5337ec52877cf04e3455dda189d90f862
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Wed, 09 Nov 2022 08:43:21 GMT
Set-Cookie: sa-user-id=s%3A0-d8281876-f42d-45f7-57f1-ec220572e2ac.VLXY7tZa2b95%2BMoPTcUIN%2Bd4Bi0B%2FEUTOndq3moGfKo; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3A2CgYdvQtRfdX8ewiBXLirFtaKpo.wLzoihybVl%2FrAwnWXzsjgMHcuhl9k1k%2B8fgaiDpPBS0; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5383
Connection: keep-alive
t.co/i/adsct?bci=3&eci=2&event_id=79dd9d70-7aa1-4d43-9b10-2ffa713f6932&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a9478f6-682e-418a-a945-59c9cf8fddcc&tw_document_href=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=79dd9d70-7aa1-4d43-9b10-2ffa713f6932&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a9478f6-682e-418a-a945-59c9cf8fddcc&tw_document_href=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=79dd9d70-7aa1-4d43-9b10-2ffa713f6932&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a9478f6-682e-418a-a945-59c9cf8fddcc&tw_document_href=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:21 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=449b7e3b-54dd-476a-94f0-bfea13c01af6; Max-Age=63072000; Expires=Fri, 08 Nov 2024 08:43:21 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 5c84e059ecb417f3
strict-transport-security: max-age=0
x-response-time: 102
x-connection-hash: b5b4c7cd79e23d6c7a24b3e80ccbbb3b3f0335699dd25fed193d0aee06ff7738
X-Firefox-Spdy: h2
insights.algolia.io/1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1)
34.96.112.9200 OK 29 B URL HTTP/2 insights.algolia.io/1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1)
IP 34.96.112.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ca1d7c9f272503952d3bf37cc4a649bd
7129c38467ef8cd3e902fe034328071f5cd07602
e5ddba99266abd003aa6eef168bc2a2bea5e69b1e0d1fc4373150934ab5dd76a
POST /1/events?X-Algolia-Application-Id=UY28JH5EE6&X-Algolia-API-Key=eef4bbb1b2bf44af3b7b0b62d16a28fb&X-Algolia-Agent=insights-js%20(1.3.0)%3B%20insights-gtm%20(1.0.1) HTTP/1.1
Host: insights.algolia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 144
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.brandxy.com
content-type: application/json
vary: Origin
date: Wed, 09 Nov 2022 08:43:21 GMT
content-length: 29
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/brandxy.com/config.json
147.185.239.105200 OK 0 B URL HTTP/2 cdn.acsbapp.com/cache/app/brandxy.com/config.json
IP 147.185.239.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cache/app/brandxy.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Origin: https://www.brandxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Wed, 09 Nov 2022 08:43:22 GMT
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7b5fb8b4c074b35d738707fcb818a426
806447c7d48be02484c1c16a41d6800fbc34ca5b
14ccedeb48c0bafe89843256ac5ad0f286fcbd48167c710fc551653d84bdfcc3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 15:27:38 GMT
Expires: Mon, 14 Nov 2022 15:27:37 GMT
Etag: "806447c7d48be02484c1c16a41d6800fbc34ca5b"
Cache-Control: max-age=455654,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767542a6aea2b4f4-OSL
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash 3d2ec727486c897591d751098283c68f
7b2b2e59063caf74de6bf2c96bffb68b748f257d
10c72391adec6fe62bb10a273adff205864ceafcc63c664bcc4eb7902481ba8b
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:22 GMT
age: 1783563
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 139, 196221
x-timer: S1667983402.086376,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
54.227.177.109200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 54.227.177.109:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Wed, 09 Nov 2022 08:43:22 GMT
Content-Length: 27
Connection: keep-alive
i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=500&mh=278
151.101.86.109200 OK 9.8 kB URL HTTP/2 i.vimeocdn.com/video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=500&mh=278
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 922313c878bae85b8dc6481be2d3acd7
222adb9f7479b097eb082d14b64a0ca1603c17bf
f85aaf1dda54a8a53bb005b6818bc4c2b16a60ad5f0454f61f6eadf8f92b94f5
GET /video/1451960391-27331ec81e39eb316fde7c35212ed6f1497510379d6f0a68a08f21f2c061fabc-d?mw=500&mh=278 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 922313c878bae85b8dc6481be2d3acd7
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-z2bt
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:22 GMT
age: 2569992
x-served-by: cache-dfw-kdfw8210138-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 100, 1
x-timer: S1667983402.103186,VS0,VE1
vary: Accept
content-length: 9810
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.old.min.js
23.36.76.210200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.old.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.old.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 24 Oct 2022 21:02:26 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=70733
date: Wed, 09 Nov 2022 08:43:22 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=faaf8472-a75a-4f89-82a1-54e9b203f2ff&sid=8f2574d0600a11ed9c94e1c6f2172bc7&vid=8f258440600a11ed96edcf3c50f0407e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Globezo.com%20is%20for%20sale&p=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&r=<=3557&evt=pageLoad&sv=1&rn=383940
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=faaf8472-a75a-4f89-82a1-54e9b203f2ff&sid=8f2574d0600a11ed9c94e1c6f2172bc7&vid=8f258440600a11ed96edcf3c50f0407e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Globezo.com%20is%20for%20sale&p=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&r=<=3557&evt=pageLoad&sv=1&rn=383940
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=faaf8472-a75a-4f89-82a1-54e9b203f2ff&sid=8f2574d0600a11ed9c94e1c6f2172bc7&vid=8f258440600a11ed96edcf3c50f0407e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Globezo.com%20is%20for%20sale&p=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&r=<=3557&evt=pageLoad&sv=1&rn=383940 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1B5EA610A4AC6F910DFBB447A5596E0B; domain=.bing.com; expires=Mon, 04-Dec-2023 08:43:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 85E5B247B1AF47B0850D12EDBB1A823A Ref B: OSL30EDGE0517 Ref C: 2022-11-09T08:43:22Z
date: Wed, 09 Nov 2022 08:43:21 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=faaf8472-a75a-4f89-82a1-54e9b203f2ff&sid=8f2574d0600a11ed9c94e1c6f2172bc7&vid=8f258440600a11ed96edcf3c50f0407e&vids=0&msclkid=N&pagetype=product&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=473274
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=faaf8472-a75a-4f89-82a1-54e9b203f2ff&sid=8f2574d0600a11ed9c94e1c6f2172bc7&vid=8f258440600a11ed96edcf3c50f0407e&vids=0&msclkid=N&pagetype=product&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=473274
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15226519&tm=gtm002&Ver=2&mid=faaf8472-a75a-4f89-82a1-54e9b203f2ff&sid=8f2574d0600a11ed9c94e1c6f2172bc7&vid=8f258440600a11ed96edcf3c50f0407e&vids=0&msclkid=N&pagetype=product&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=473274 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=35FC8B5066CA6EC4288C9907673F6F9F; domain=.bing.com; expires=Mon, 04-Dec-2023 08:43:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 218C9213E08048FB91BC06A69957CF3A Ref B: OSL30EDGE0517 Ref C: 2022-11-09T08:43:22Z
date: Wed, 09 Nov 2022 08:43:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 280937c8e5118a2c79b44455ac814cc8
2b0739876899dadc94292c8d3a25d41eb18d979d
3175e8f22bc806bd6c5c60852e76e969f33040b090384c70db75fc5326ee90c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 280937c8e5118a2c79b44455ac814cc8
2b0739876899dadc94292c8d3a25d41eb18d979d
3175e8f22bc806bd6c5c60852e76e969f33040b090384c70db75fc5326ee90c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 1931a24cef308b04255b7e4cd085ff3b
288140dd25e170bac9bbc101a3c43e983745e71f
7f9273d916432f22793422ae1921cde6aaac5675560d8c4318ad73f453cf55d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3889
Cache-Control: max-age=142800
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Etag: "636ae3c9-139"
Expires: Fri, 11 Nov 2022 00:23:22 GMT
Last-Modified: Tue, 08 Nov 2022 23:18:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
www.google.no/pagead/1p-user-list/1030947153/?random=1667983397842&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2oab70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540031124&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1667983397842&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2oab70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540031124&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1667983397842&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2oab70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540031124&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1667983397614&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=W8iuCN6Ppc4CENGCzOsD&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&fmt=3&is_vtc=1&random=1307680441&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1667983397614&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=W8iuCN6Ppc4CENGCzOsD&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&fmt=3&is_vtc=1&random=1307680441&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1667983397614&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=W8iuCN6Ppc4CENGCzOsD&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&fmt=3&is_vtc=1&random=1307680441&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030947153/?random=1667983397572&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3775501165&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030947153/?random=1667983397572&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3775501165&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030947153/?random=1667983397572&cv=11&fst=1667980800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3775501165&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1030947153/?random=1667983397588&cv=11&fst=1667983397588&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=DP_eCJK8xO0BENGCzOsD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tiba=Globezo.com%20is%20for%20sale&value=0&bttype=purchase&auid=143446682.1667983398&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.246.53200 OK 55 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8eec314a76b4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0KmhrYwAAAAC5OqrtCdYcQKSsqFLyorOOU1ZHMjBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 09 Nov 2022 08:43:22 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=79dd9d70-7aa1-4d43-9b10-2ffa713f6932&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a9478f6-682e-418a-a945-59c9cf8fddcc&tw_document_href=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
104.244.42.67200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=79dd9d70-7aa1-4d43-9b10-2ffa713f6932&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a9478f6-682e-418a-a945-59c9cf8fddcc&tw_document_href=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=79dd9d70-7aa1-4d43-9b10-2ffa713f6932&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a9478f6-682e-418a-a945-59c9cf8fddcc&tw_document_href=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:21 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_ZlGMm4Fo009yC/l44KX7Ag=="; Max-Age=63072000; Expires=Fri, 08 Nov 2024 08:43:22 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: eb3e8cb7ae479c10
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: e9a4b6fdb204f53ec07f59448da46629686b3d40201251fd4dff3a96af8a63ba
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1667983399029%26url%3Dhttps%253A%252F%252Fwww.brandxy.com%252Fname%252FGlobezo.com%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKJ54KLyjI-ygAAAYRbjuYT3u0FfyvCc11xPVLLYwTiWouNtBx6kfw7sglLWMQqhXQFz_P57--BiQ; Max-Age=2592000; Expires=Fri, 09 Dec 2022 08:43:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKESJfUtfPXaAAAAYRbjuYTAA9Ccj0zfJJonLSeb1P37ilPbhZM6vuu9CKCTeHTl5rZUAS7RpkgsjHoAOcKIA; Max-Age=2592000; Expires=Fri, 09 Dec 2022 08:43:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&72e158b2-c353-497d-82e7-fa7878cfb54e"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 09-Nov-2023 08:43:22 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2426:u=1:x=1:i=1667983402:t=1668069802:v=2:sig=AQEPrwWPQqo5Udn8ZnKKQhy_7xnBAvvc"; Expires=Thu, 10 Nov 2022 08:43:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtBaYymr7iJnbniFWSBQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 236BDA683B134122B93C81CAC8D53FE3 Ref B: OSL30EDGE0515 Ref C: 2022-11-09T08:43:22Z
date: Wed, 09 Nov 2022 08:43:21 GMT
content-length: 0
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
70.42.32.63200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00307c4941e2958412d6d5d587832791fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:22 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 3b0e569c741e349a676894582a3c0852
content-encoding: gzip
www.brandxy.com/controllers/marketplace.php?action=record_show_page&mp_domain_id=116420&domain_selling_price=1999&date_recache_time=2022-11-09&query_id=
54.210.75.214200 OK 106 B URL HTTP/1.1 www.brandxy.com/controllers/marketplace.php?action=record_show_page&mp_domain_id=116420&domain_selling_price=1999&date_recache_time=2022-11-09&query_id=
IP 54.210.75.214:0
Hash 5fe282243f9aa6f837d3a2b042c0986f
c92dc60e64943cb59b0f532066b81dfdd02b0cc6
775bb2db87627540e50e4afb88a2950ba9fc46a06def354f4c2ab3327686484b
GET /controllers/marketplace.php?action=record_show_page&mp_domain_id=116420&domain_selling_price=1999&date_recache_time=2022-11-09&query_id= HTTP/1.1
Host: www.brandxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.brandxy.com/name/Globezo.com
Cookie: PHPSESSID=7eii42phomesjsgaa0su9ivm23; uhash=d332a45ffa14f2ee; _gcl_au=1.1.143446682.1667983398; ahash=PjdeX3WBs; lpg=/name/globezo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 08:43:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 106
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-options: nosniff
Set-Cookie: smart_cat_id=618; expires=Fri, 09-Dec-2022 08:43:22 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
tags.srv.stackadapt.com/sa.jpeg
54.227.177.109200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 54.227.177.109:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash dc7a27edefdefb9e70ef2e877d423dc8
05e1c6eb76041d57ffe44a0e079b3f95d43c2d7d
d6948b83864e8c2148de011d7e0cc4ad328ad35df0eb9b6e5b08030c973247d9
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Origin: https://www.brandxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Wed, 09 Nov 2022 08:43:22 GMT
Content-Length: 651
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.35:0
Hash 50a7cb4ca9849e08320d018ae259abff
5500945559dd6f9e2127b6205042bcffc27ff3dd
d509569659c6d20b1bdb986f799ced55dbbe7550e92b586efbe74971fee46895
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.35:0
Hash 50a7cb4ca9849e08320d018ae259abff
5500945559dd6f9e2127b6205042bcffc27ff3dd
d509569659c6d20b1bdb986f799ced55dbbe7550e92b586efbe74971fee46895
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=1798519934.1667983398&jid=1790829932&gjid=1386572526&_gid=2127813954.1667983398&_u=aCDAgEADQAAAAGAAI~&z=775335294
64.233.165.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=1798519934.1667983398&jid=1790829932&gjid=1386572526&_gid=2127813954.1667983398&_u=aCDAgEADQAAAAGAAI~&z=775335294
IP 64.233.165.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-1&cid=1798519934.1667983398&jid=1790829932&gjid=1386572526&_gid=2127813954.1667983398&_u=aCDAgEADQAAAAGAAI~&z=775335294 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.brandxy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 08:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=1798519934.1667983398&jid=945607444&gjid=1390241440&_gid=2127813954.1667983398&_u=KCDAAEACQAAAACAAI~&z=21028381
64.233.165.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=1798519934.1667983398&jid=945607444&gjid=1390241440&_gid=2127813954.1667983398&_u=KCDAAEACQAAAACAAI~&z=21028381
IP 64.233.165.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11585500-4&cid=1798519934.1667983398&jid=945607444&gjid=1390241440&_gid=2127813954.1667983398&_u=KCDAAEACQAAAACAAI~&z=21028381 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.brandxy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 08:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&t=Globezo.com%20is%20for%20sale&tip=fuSBwvSe_PV7FYJdemF_crtD8ouo_1pp3VHs4ry6ehc&host=https://www.brandxy.com&sa-user-id-v2=s%253A2CgYdvQtRfdX8ewiBXLirFtaKpo.wLzoihybVl%252FrAwnWXzsjgMHcuhl9k1k%252B8fgaiDpPBS0&sa-user-id=s%253A0-d8281876-f42d-45f7-57f1-ec220572e2ac.VLXY7tZa2b95%252BMoPTcUIN%252Bd4Bi0B%252FEUTOndq3moGfKo
54.227.177.109200 OK 94 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&t=Globezo.com%20is%20for%20sale&tip=fuSBwvSe_PV7FYJdemF_crtD8ouo_1pp3VHs4ry6ehc&host=https://www.brandxy.com&sa-user-id-v2=s%253A2CgYdvQtRfdX8ewiBXLirFtaKpo.wLzoihybVl%252FrAwnWXzsjgMHcuhl9k1k%252B8fgaiDpPBS0&sa-user-id=s%253A0-d8281876-f42d-45f7-57f1-ec220572e2ac.VLXY7tZa2b95%252BMoPTcUIN%252Bd4Bi0B%252FEUTOndq3moGfKo
IP 54.227.177.109:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d12c1129f6ff37622d03db4a2a5949e
bc44653c4a06e671ce423600755fed86fad8ec24
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
GET /saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&t=Globezo.com%20is%20for%20sale&tip=fuSBwvSe_PV7FYJdemF_crtD8ouo_1pp3VHs4ry6ehc&host=https://www.brandxy.com&sa-user-id-v2=s%253A2CgYdvQtRfdX8ewiBXLirFtaKpo.wLzoihybVl%252FrAwnWXzsjgMHcuhl9k1k%252B8fgaiDpPBS0&sa-user-id=s%253A0-d8281876-f42d-45f7-57f1-ec220572e2ac.VLXY7tZa2b95%252BMoPTcUIN%252Bd4Bi0B%252FEUTOndq3moGfKo HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.brandxy.com
Content-Type: text/plain; charset=utf-8
Date: Wed, 09 Nov 2022 08:43:22 GMT
Content-Length: 94
Connection: keep-alive
www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&rl=&if=false&ts=1667983399605&sw=1280&sh=1024&v=2.9.89&r=canary&a=tmSimo-GTM-WebTemplate&ec=0&o=30&ttf=4253&tts=3115&ttse=4247&fbp=fb.1.1667983399604.1930179609&it=1667983398468&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&rl=&if=false&ts=1667983399605&sw=1280&sh=1024&v=2.9.89&r=canary&a=tmSimo-GTM-WebTemplate&ec=0&o=30&ttf=4253&tts=3115&ttse=4247&fbp=fb.1.1667983399604.1930179609&it=1667983398468&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&rl=&if=false&ts=1667983399605&sw=1280&sh=1024&v=2.9.89&r=canary&a=tmSimo-GTM-WebTemplate&ec=0&o=30&ttf=4253&tts=3115&ttse=4247&fbp=fb.1.1667983399604.1930179609&it=1667983398468&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Nov 2022 08:43:22 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1667983399029%26url%3Dhttps%253A%252F%252Fwww.brandxy.com%252Fname%252FGlobezo.com%26liSync%3Dtrue
13.107.42.14302 Found 87 kB URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1667983399029%26url%3Dhttps%253A%252F%252Fwww.brandxy.com%252Fname%252FGlobezo.com%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Hash c27a57c244ed2e576360a6b1ff8232a6
45d488ce369a3547a33fbe796c12255ab0b7e9b5
4b438b42ab60cdb0307761043adf90df00de4fc0c8efdf0452542cc9ea74e4ad
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1667983399029%26url%3Dhttps%253A%252F%252Fwww.brandxy.com%252Fname%252FGlobezo.com%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&17a362b2-aa3f-41b2-8e6b-a81a1b890539"; Domain=.linkedin.com; Expires=Thu, 09-Nov-2023 08:43:22 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221109084322081880f3-8e7a-4e72-85ee-af62cf822d74AQEmi0mHIYDdCB0CtfjvoBzWuTtLEJSR"; Domain=.www.linkedin.com; Expires=Thu, 09-Nov-2023 08:43:22 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njc5ODM0MDI7MjswMjGHg1H15ibG/5hWWsq5Yg1EfPOGLb+Swy0HkHydtWIUQw==; Domain=.linkedin.com; Expires=Mon, 08 May 2023 08:43:22 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2426:u=1:x=1:i=1667983402:t=1668069802:v=2:sig=AQEPrwWPQqo5Udn8ZnKKQhy_7xnBAvvc"; Expires=Thu, 10 Nov 2022 08:43:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtBaY4h7AbQmD6FArGNg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BA31566BE96F41E481958CB32745FFEF Ref B: OSL30EDGE0515 Ref C: 2022-11-09T08:43:22Z
date: Wed, 09 Nov 2022 08:43:21 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=adb55734a6c9a33ea34e2162e092b472fb733fc31667983401
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=adb55734a6c9a33ea34e2162e092b472fb733fc31667983401
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=adb55734a6c9a33ea34e2162e092b472fb733fc31667983401 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1475
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Wed, 09 Nov 2022 08:43:22 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Wed, 09 Nov 2022 08:43:22 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.35:0
Hash 50a7cb4ca9849e08320d018ae259abff
5500945559dd6f9e2127b6205042bcffc27ff3dd
d509569659c6d20b1bdb986f799ced55dbbe7550e92b586efbe74971fee46895
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 08:43:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34987&time=1667983399029&url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&8d649938-a3da-49d6-8330-916446df1192"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 09-Nov-2023 08:43:23 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2413:u=1:x=1:i=1667983403:t=1668069803:v=2:sig=AQE43BZn_ZrWP3GMidB2id1A_YpfwjI5"; Expires=Thu, 10 Nov 2022 08:43:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtBaY65g/WK1OyWDeabw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 35698A9434674747AFFF0B9E676925DA Ref B: OSL30EDGE0515 Ref C: 2022-11-09T08:43:22Z
date: Wed, 09 Nov 2022 08:43:22 GMT
content-length: 0
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 697
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.brandxy.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 08:43:22 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1600&scd=30&ssd=1&est=1667983398488&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667983400094&vi=1667983398485&ri=690040e193a8b5c31f4143ad31221d55&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1600&scd=30&ssd=1&est=1667983398488&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667983400094&vi=1667983398485&ri=690040e193a8b5c31f4143ad31221d55&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=1600&scd=30&ssd=1&est=1667983398488&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667983400094&vi=1667983398485&ri=690040e193a8b5c31f4143ad31221d55&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 08:43:23 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.brandxy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
bat.bing.com/p/action/15226519.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15226519.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15226519.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=109E3CC32B9C67AF1C562E942A696611; domain=.bing.com; expires=Mon, 04-Dec-2023 08:43:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6613A8FB284048718090F52FC6010A5D Ref B: OSL30EDGE0517 Ref C: 2022-11-09T08:43:22Z
date: Wed, 09 Nov 2022 08:43:22 GMT
X-Firefox-Spdy: h2
widget.intercom.io/widget/ld9mkn53
54.230.111.86302 Found 0 B URL HTTP/2 widget.intercom.io/widget/ld9mkn53
IP 54.230.111.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/ld9mkn53 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://js.intercomcdn.com/shim.latest.js
date: Mon, 07 Nov 2022 14:42:35 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6hs43U5CX4CZP7u_jrhv2aAdSh8Ts4tujj5-k7XKs0LLdOn95XThuw==
age: 151249
cache-control: max-age=86400
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 507
x-timer: S1667983404.903529,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
js.intercomcdn.com/shim.latest.js
54.230.111.118200 OK 6.2 kB URL HTTP/2 js.intercomcdn.com/shim.latest.js
IP 54.230.111.118:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash eb3bdfb20aa1145f986197bbaf014844
83df1e638638c6fad6e3a146cbb5abce5927029a
28f85400b349a278ba6e4e31f8c25fa3206a62352f375992d5c741fa6fc2fc85
GET /shim.latest.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6171
date: Wed, 09 Nov 2022 08:38:39 GMT
last-modified: Tue, 08 Nov 2022 14:08:31 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=300, s-maxage=300, public
content-encoding: gzip
x-amz-version-id: tSYo_qLHDfUuEHFTBFvbDTEaxz7GNOcz
accept-ranges: bytes
server: AmazonS3
etag: "eb3bdfb20aa1145f986197bbaf014844"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: C4t_WEChLfMIty9Xu5iamlmJIDMxh5aBrJGOsoQIckIJ63MkyvJ9Cg==
age: 285
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.57aa9d86.js
54.230.111.118200 OK 136 kB URL HTTP/2 js.intercomcdn.com/frame.57aa9d86.js
IP 54.230.111.118:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136132 bytes)
Hash dc7917f767ca89467464161eda8f1bf3
6c4868ffd59677c6666ab6e331d248819e891321
a0e7c53fc6b4938ee3bfb63bda100e6d08ab158a57369d2bed7b8124b8ef0477
GET /frame.57aa9d86.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 136132
last-modified: Tue, 08 Nov 2022 14:06:53 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: RtXY79JWNrCkKe9cX4sNHIbXqgvzBtef
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Nov 2022 08:08:36 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "dc7917f767ca89467464161eda8f1bf3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MSxfYmyA15tSkXpckAltQWZfUbCzIJSvvWnLWYUWn6B9Z0bXX94ogQ==
age: 2088
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 9c236fa3d2b86ef1b7eb77e47e859c23
620ad0305bcfa553cbeab2a40e2ab7691128de6e
bcd8b11067dc2680fa7717f9b5f017942b0c57d9403700c8390786249c5a9d9f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117214
Date: Wed, 09 Nov 2022 08:43:23 GMT
Etag: "636a82d7-1d7"
Expires: Thu, 10 Nov 2022 17:16:57 GMT
Last-Modified: Tue, 08 Nov 2022 16:24:55 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Edj0UD5v8DtHDLF8eRj4qEFTAvU46Bv6xs8vQcrNTJkutrhEgrAkIA==
Age: 3122
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f1cb5a02bedfc5595b3637878d4a891b
c67dcc46bf82a8ce6badb9c65f53147945082a56
031f7796974bf92f1ff73626bf7d601fca112eb3e549f9bb44b724ba5c72a951
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119514
Date: Wed, 09 Nov 2022 08:43:23 GMT
Etag: "636a8456-1d7"
Expires: Thu, 10 Nov 2022 17:55:17 GMT
Last-Modified: Tue, 08 Nov 2022 16:31:18 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CiBw6THoGovZxOQKCYcRFuDD6FLiU4YQl4ztEWIAdyM2k5vp9v-V8w==
Age: 5039
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash e9f76b2cdd10ab7dcf9a92845fc5213f
64686d9856c1b6aeded3f81ab50e7ff298237b25
09be21af41ff4ceaf7e7d77ade2232c312d0f003bbd60c69e0bc0d9c147a824a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100567
Date: Wed, 09 Nov 2022 08:43:23 GMT
Etag: "636a4215-1d7"
Expires: Thu, 10 Nov 2022 12:39:30 GMT
Last-Modified: Tue, 08 Nov 2022 11:48:37 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SU70D3BUpIYZqWzwELeBZ3lu2RqZizpF88f0-S3IsmrIolo6zjbZfw==
Age: 3053
script.fixel.ai/script/Fixel.min.js
54.230.111.29200 OK 7.6 kB URL HTTP/2 script.fixel.ai/script/Fixel.min.js
IP 54.230.111.29:0
Hash deef16a61a5dfab876d3837f44186d4a
5cf199bbbbd379248c8840f1cb525432a922b0c1
6b720744eecb0cbc8b057a786e5a06be2b364375ecd11f5edc11cbb6a550bbbe
GET /script/Fixel.min.js HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 31 May 2021 09:44:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qn3ku6T2KTYfiw1ZK.qbHtFFDfyG1XJc
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 08:43:04 GMT
etag: W/"bd757ff2fd05d44091740f66680801be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ujAIfVhNphf8owHXcGIPsAH9dTyHKIJvFEQ342d5WQiGPyFZU76J7Q==
age: 430
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&RedC=c.clarity.ms&MXFR=21AA7068B53866D82EB4623FB13868AE
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=21AA7068B53866D82EB4623FB13868AE; domain=.clarity.ms; expires=Mon, 04-Dec-2023 08:43:24 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 09 Nov 2022 08:43:23 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&RedC=c.clarity.ms&MXFR=21AA7068B53866D82EB4623FB13868AE
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&RedC=c.clarity.ms&MXFR=21AA7068B53866D82EB4623FB13868AE
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&RedC=c.clarity.ms&MXFR=21AA7068B53866D82EB4623FB13868AE HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&MUID=280D9414F21063021DE88643F3E562BC
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=280D9414F21063021DE88643F3E562BC; domain=c.bing.com; expires=Mon, 04-Dec-2023 08:43:24 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1A5E2B79F1F409AB4009A69E6930921 Ref B: OSL30EDGE0517 Ref C: 2022-11-09T08:43:24Z
date: Wed, 09 Nov 2022 08:43:23 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&MUID=280D9414F21063021DE88643F3E562BC
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&MUID=280D9414F21063021DE88643F3E562BC
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=80725DD571824217B9C8683D2FDFFB2D&MUID=280D9414F21063021DE88643F3E562BC HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.brandxy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 09-Nov-2022 08:53:24 GMT; path=/; SameSite=None; Secure;
date: Wed, 09 Nov 2022 08:43:23 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 38233
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.brandxy.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 08:43:23 GMT
X-Firefox-Spdy: h2
bam.nr-data.net/1/a159e7928d?a=126710130&v=1216.487a282&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=6417&ck=1&ref=https://www.brandxy.com/name/Globezo.com&ap=800&be=2471&fe=6327&dc=3436&perf=%7B%22timing%22:%7B%22of%22:1667983394210,%22n%22:0,%22f%22:1140,%22dn%22:1143,%22dne%22:1177,%22c%22:1177,%22s%22:1279,%22ce%22:1490,%22rq%22:1490,%22rp%22:2441,%22rpe%22:2443,%22dl%22:2453,%22di%22:3414,%22ds%22:3435,%22de%22:3557,%22dc%22:6326,%22l%22:6326,%22le%22:6331%7D,%22navigation%22:%7B%7D%7D&fcp=3092&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/a159e7928d?a=126710130&v=1216.487a282&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=6417&ck=1&ref=https://www.brandxy.com/name/Globezo.com&ap=800&be=2471&fe=6327&dc=3436&perf=%7B%22timing%22:%7B%22of%22:1667983394210,%22n%22:0,%22f%22:1140,%22dn%22:1143,%22dne%22:1177,%22c%22:1177,%22s%22:1279,%22ce%22:1490,%22rq%22:1490,%22rp%22:2441,%22rpe%22:2443,%22dl%22:2453,%22di%22:3414,%22ds%22:3435,%22de%22:3557,%22dc%22:6326,%22l%22:6326,%22le%22:6331%7D,%22navigation%22:%7B%7D%7D&fcp=3092&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/a159e7928d?a=126710130&v=1216.487a282&to=Y1NTZ0ZUDUVRUkZbVloZZEFdGk0cQFlC&rst=6417&ck=1&ref=https://www.brandxy.com/name/Globezo.com&ap=800&be=2471&fe=6327&dc=3436&perf=%7B%22timing%22:%7B%22of%22:1667983394210,%22n%22:0,%22f%22:1140,%22dn%22:1143,%22dne%22:1177,%22c%22:1177,%22s%22:1279,%22ce%22:1490,%22rq%22:1490,%22rp%22:2441,%22rpe%22:2443,%22dl%22:2453,%22di%22:3414,%22ds%22:3435,%22de%22:3557,%22dc%22:6326,%22l%22:6326,%22le%22:6331%7D,%22navigation%22:%7B%7D%7D&fcp=3092&at=TxRQEQ5OHks%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 08:43:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 767542b358b1b512-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=83c8bd0f1a16390e; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
script.fixel.ai/config/FXL-1150-2383.json
54.230.111.29200 OK 0 B URL HTTP/2 script.fixel.ai/config/FXL-1150-2383.json
IP 54.230.111.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.brandxy.com/
Origin: https://www.brandxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Wed, 09 Nov 2022 08:43:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cd5vLsQR4PTMNX7caOaxGp_S5aDBiXJDlCV8kPzeoVSXdskAZTpaWw==
X-Firefox-Spdy: h2
script.fixel.ai/config/FXL-1150-2383.json
54.230.111.29200 OK 152 B URL HTTP/2 script.fixel.ai/config/FXL-1150-2383.json
IP 54.230.111.29:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 651a6d3ba7143f83f44261232093a38c
43e11c4cc441663daf605df0414947c8756f2155
7a5cfb625e89e99af010b95040c9b9fdd6f518b9b87da64206c00fbb120933d1
GET /config/FXL-1150-2383.json HTTP/1.1
Host: script.fixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 152
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 01 Feb 2021 10:13:36 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VlbH.UIcLlGlg9QOIym1wMb.PKZS9R_3
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Nov 2022 08:43:25 GMT
etag: "651a6d3ba7143f83f44261232093a38c"
vary: Origin
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NRw_9JXaCd1WJ21_JX9BB7ASTI7DCkJpsMQWj2iXHVKSOHmYDlCkWw==
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b98fe6f7aa278a94e31e2b648713e88d
b3e915baff2fc3c680e5eeaa6d2c931102caa488
ffb3a22fb4ebe582e1984570f0621adaedb4d57d86b5d84a885b8ff5b95cd5b9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110273
Date: Wed, 09 Nov 2022 08:43:24 GMT
Etag: "636a707a-1d7"
Expires: Thu, 10 Nov 2022 15:21:17 GMT
Last-Modified: Tue, 08 Nov 2022 15:06:34 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lSGT2CGJUo5G9Fe0JpztfiF7Ha-O0THXv70GVu2vo8C1Xopx9cL7vw==
Age: 883
api.fixelapp.com/api/v2/grade/FXL-1150-2383
54.235.83.20503 Service Unavailable: Back-end server is at capacity 0 B URL HTTP/1.1 api.fixelapp.com/api/v2/grade/FXL-1150-2383
IP 54.235.83.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/grade/FXL-1150-2383 HTTP/1.1
Host: api.fixelapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 399
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Content-Length: 0
Connection: keep-alive
nexus-websocket-a.intercom.io/pubsub/5-SxkIB9EJSN5nJr96T3ZmgvxN_2M88tY4DcdrpZ4hm5rP1Q64lucO2LcxxKsKm5A6u2og8gxlQFcfMGYoJEqRvDKNXFIk-nX7NcJq?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
35.174.127.31101 Switching Protocols 0 B URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-SxkIB9EJSN5nJr96T3ZmgvxN_2M88tY4DcdrpZ4hm5rP1Q64lucO2LcxxKsKm5A6u2og8gxlQFcfMGYoJEqRvDKNXFIk-nX7NcJq?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 35.174.127.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-SxkIB9EJSN5nJr96T3ZmgvxN_2M88tY4DcdrpZ4hm5rP1Q64lucO2LcxxKsKm5A6u2og8gxlQFcfMGYoJEqRvDKNXFIk-nX7NcJq?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.brandxy.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KU9UhVpPmi38Tua3K2xe7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 09 Nov 2022 08:43:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CGC18E5TT608P1pGR03abRMpBG8=
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 10466
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.brandxy.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 08:43:25 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4603&scd=30&ssd=1&est=1667983398488&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1667983403098&vi=1667983398485&ri=690040e193a8b5c31f4143ad31221d55&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4603&scd=30&ssd=1&est=1667983398488&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1667983403098&vi=1667983398485&ri=690040e193a8b5c31f4143ad31221d55&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1344021/log/3/unip?en=pre_d_eng_tb&tos=4603&scd=30&ssd=1&est=1667983398488&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1667983403098&vi=1667983398485&ri=690040e193a8b5c31f4143ad31221d55&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 08:43:26 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.brandxy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api.fixelapp.com/api/v2/grade/FXL-1150-2383
54.235.83.20503 Service Unavailable: Back-end server is at capacity 0 B URL HTTP/1.1 api.fixelapp.com/api/v2/grade/FXL-1150-2383
IP 54.235.83.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/grade/FXL-1150-2383 HTTP/1.1
Host: api.fixelapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 187
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Content-Length: 0
Connection: keep-alive
js.intercomcdn.com/vendor.e32cd6fb.js
54.230.111.118200 OK 0 B URL HTTP/2 js.intercomcdn.com/vendor.e32cd6fb.js
IP 54.230.111.118:0
GET /vendor.e32cd6fb.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108164
last-modified: Tue, 08 Nov 2022 10:12:40 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: XD0hX7lCIAvIZrzueNBfMnpQgu69I3kW
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Nov 2022 08:24:58 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "d9adb65e736bccd329ceeea668fb5a87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oPCF1fyUpuwy8x0D6jiw64pK76eZQugh9wBXy7rk8zF5pcLpVAGwWA==
age: 1106
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.squadhelp.com/name/globezo?lp=d
104.22.52.96302 Found 0 B URL HTTP/2 www.squadhelp.com/name/globezo?lp=d
IP 104.22.52.96:0
GET /name/globezo?lp=d HTTP/1.1
Host: www.squadhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 09 Nov 2022 08:43:18 GMT
content-type: text/html; charset=UTF-8
location: https://www.brandxy.com/name/Globezo.com
endpoint: sh-live-next
cf-cache-status: BYPASS
set-cookie: __cf_bm=JvsH_p7TH6Esx..791UHDoAJafpWRfZ4sbPzSlZjnMg-1667983398-0-AR5wGIat3c3W7BWhyuxEaSEHtTPUHs/hyHbiX3i5U/esh4D7FdZeknlPEX9uMlrQeM024a4ifNGHe3S4h2+Pfxc=; path=/; expires=Wed, 09-Nov-22 09:13:18 GMT; domain=.squadhelp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675428d2d4cb4fd-OSL
X-Firefox-Spdy: h2
www.clarity.ms/tag/4z07348o66
13.107.246.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/4z07348o66
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/4z07348o66 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=92f9ae1c1a604e3ca6d40f7bf33fc3dd.20221109.20231109; expires=Thu, 09 Nov 2023 08:43:21 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0KWhrYwAAAACwp4U/Q+u8Q7n6QyOp+HCyU1ZHMjBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 09 Nov 2022 08:43:21 GMT
X-Firefox-Spdy: h2
trc.taboola.com/1344021/trc/3/json?tim=1667983398497&data=%7B%22id%22%3A534%2C%22ii%22%3A%22%2Fname%2Fglobezo%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667983398485%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667983398496%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A30%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1344021/trc/3/json?tim=1667983398497&data=%7B%22id%22%3A534%2C%22ii%22%3A%22%2Fname%2Fglobezo%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667983398485%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667983398496%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A30%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1344021/trc/3/json?tim=1667983398497&data=%7B%22id%22%3A534%2C%22ii%22%3A%22%2Fname%2Fglobezo%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667983398485%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667983398496%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.brandxy.com%2Fname%2FGlobezo.com%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A30%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 08:43:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667983402.225696,VS0,VE102
vary: Accept-Encoding
x-vcl-time-ms: 102
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
52.20.196.176200 OK 0 B URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 52.20.196.176:0
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 375
Origin: https://www.brandxy.com
Connection: keep-alive
Referer: https://www.brandxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 08:43:25 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1667983410
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13316
access-control-allow-origin: https://www.brandxy.com
vary: Accept,Accept-Encoding
x-intercom-version: 96837411eb033004c04ff9e74aaa90ff66574dbb
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 002aofoap1rcvmpa728g
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"402c00da0e414516aabe383f84647c3b"
x-runtime: 0.707107
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0030b7455fa630838
X-Firefox-Spdy: h2