domains.squadhelp.com Open in urlscan Pro
2606:4700:10::6816:3260 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rusticmoves.com/
Effective URL:
https://domains.squadhelp.com/lpd/name/rusticmoves.com
Submission Tags: phishingrod
Submission: On March 09 via api (March 9th 2023, 4:43:12 pm UTC) from DE — Scanned from DE

Summary HTTP 96 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 30 domains to perform 96 HTTP transactions. The main IP is 2606:4700:10::6816:3260, located in United States and belongs to CLOUDFLARENET, US. The main domain is domains.squadhelp.com. The Cisco Umbrella rank of the primary domain is 299855.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 18th 2023. Valid for: a year.

This is the only time domains.squadhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.20.84.62 52.20.84.62	14618 (AMAZON-AES) (AMAZON-AES)
20	2606:4700:10:... 2606:4700:10::6816:3260	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3360	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.189.18 13.224.189.18	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
1	54.160.56.92 54.160.56.92	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
4	34.202.126.200 34.202.126.200	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.96.65.117 34.96.65.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.209.227.7 54.209.227.7	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2600:9000:20e... 2600:9000:20eb:f000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
96	38

1 52.20.84.62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-84-62.compute-1.amazonaws.com

rusticmoves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:3260 (United States)

ASN13335 (CLOUDFLARENET, US)

domains.squadhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.squadhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3360 (United States)

ASN13335 (CLOUDFLARENET, US)

www.squadhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.56.92 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-56-92.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.202.126.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-126-200.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.65.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.65.96.34.bc.googleusercontent.com

monitor.fraudblocker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.227.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-227-7.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	squadhelp.com domains.squadhelp.com — Cisco Umbrella Rank: 299855 www.squadhelp.com — Cisco Umbrella Rank: 190184	272 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 stats.g.doubleclick.net — Cisco Umbrella Rank: 73	6 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6027	949 B
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4223	2 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 990 c.clarity.ms — Cisco Umbrella Rank: 1526 t.clarity.ms — Cisco Umbrella Rank: 13203	21 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 343 c.bing.com — Cisco Umbrella Rank: 239	13 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	84 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 317 www.linkedin.com — Cisco Umbrella Rank: 556 px4.ads.linkedin.com — Cisco Umbrella Rank: 6245	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	300 B
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2973	7 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 912 trc.taboola.com — Cisco Umbrella Rank: 642 trc-events.taboola.com — Cisco Umbrella Rank: 1861	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	184 KB
3	fraudblocker.com monitor.fraudblocker.com — Cisco Umbrella Rank: 100545	20 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2545 tr.outbrain.com — Cisco Umbrella Rank: 2463	7 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	247 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3111 cdn.acsbapp.com — Cisco Umbrella Rank: 3272	168 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2224	203 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1938 api-iam.intercom.io — Cisco Umbrella Rank: 2362	6 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 610	395 B
1	t.co t.co — Cisco Umbrella Rank: 503	378 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1501	157 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 809	374 B
1	quora.com q.quora.com — Cisco Umbrella Rank: 3255	424 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1359	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 615	15 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 171	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 686	5 KB
1	rusticmoves.com 1 redirects rusticmoves.com	226 B
0	fixel.ai Failed script.fixel.ai Failed
96	30

	Domain	Requested by
15	www.squadhelp.com	domains.squadhelp.com www.squadhelp.com
7	domains.squadhelp.com	domains.squadhelp.com
6	www.google.de
5	www.google.com	1 redirects
5	www.google-analytics.com	domains.squadhelp.com www.google-analytics.com www.googletagmanager.com
4	www.facebook.com
4	tags.srv.stackadapt.com	domains.squadhelp.com tags.srv.stackadapt.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
4	connect.facebook.net	domains.squadhelp.com connect.facebook.net www.googletagmanager.com
3	monitor.fraudblocker.com	domains.squadhelp.com monitor.fraudblocker.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	domains.squadhelp.com www.googletagmanager.com
2	trc-events.taboola.com	cdn.taboola.com
2	t.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	px.ads.linkedin.com	2 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	www.clarity.ms	domains.squadhelp.com www.clarity.ms
2	js.intercomcdn.com	widget.intercom.io
1	c.bing.com	1 redirects
1	cdn.acsbapp.com	acsbapp.com
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com
1	t.co
1	alb.reddit.com
1	trc.taboola.com	cdn.taboola.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	q.quora.com
1	acsbapp.com	domains.squadhelp.com
1	www.redditstatic.com	domains.squadhelp.com
1	amplify.outbrain.com	domains.squadhelp.com
1	cdn.taboola.com	domains.squadhelp.com
1	static.ads-twitter.com	domains.squadhelp.com
1	cdn.jsdelivr.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	domains.squadhelp.com
1	rusticmoves.com	1 redirects
0	script.fixel.ai Failed	www.googletagmanager.com
96	43

This site contains links to these domains. Also see Links.

Domain
helpdesk.squadhelp.com
www.squadhelp.com
discussion.squadhelp.com
www.shopperapproved.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-18` - `2024-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-16`	2 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.acsbapp.com GTS CA 1P5	`2023-03-06` - `2023-06-04`	3 months	crt.sh
monitor.fraudblocker.com GTS CA 1D4	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.quora.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Frame ID: 74DBC7D6EF8EA7D3C93933165497B6B0
Requests: 92 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.af93a040.js
Frame ID: 78D434AF0C542AB8EFB9A9F1E8B9C784
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D3451F0684E79BC316C21B31078D8A74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

rusticmoves.com

Page URL History Show full URLs

https://rusticmoves.com/ HTTP 302
https://domains.squadhelp.com/lpd/name/rusticmoves.com Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

96
Requests

96 %
HTTPS

51 %
IPv6

30
Domains

43
Subdomains

38
IPs

6
Countries

1295 kB
Transfer

3999 kB
Size

43
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://helpdesk.squadhelp.com/en/articles/389625-trademark-research-service7
Title: Trademark Research

Search URL Search Domain Scan URL

URL: https://helpdesk.squadhelp.com/squadhelp-services/trademark-filing-package
Title: Trademark Filing

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/blog/how-to-come-up-with-business-name/
Title: How to Naming Your Business

Search URL Search Domain Scan URL

URL: https://discussion.squadhelp.com/
Title: Discussion Forum

Search URL Search Domain Scan URL

URL: https://helpdesk.squadhelp.com/
Title: Help Desk

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/for/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/for/fashion-clothing
Title: Clothing

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/for/finance
Title: Finance

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/for/real-estate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/for/cryptocurrency-blockchain
Title: Crypto

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/all/length/Short
Title: Short

Search URL Search Domain Scan URL

URL: https://www.squadhelp.com/premium-domains-for-sale/all/type_of_name/One%20Word
Title: One Word

Search URL Search Domain Scan URL

URL: https://helpdesk.squadhelp.com/squadhelp-services/squadhelp-managed-contest-service
Title: Agency Services

Search URL Search Domain Scan URL

URL: https://helpdesk.squadhelp.com/en/collections/118397-creatives
Title: Creative FAQs

Search URL Search Domain Scan URL

URL: https://helpdesk.squadhelp.com/en/articles/997701-domain-marketplace-terms-conditions-for-sellers
Title: Domain Selling Info

Search URL Search Domain Scan URL

URL: https://www.shopperapproved.com/reviews/squadhelp.com/
Title: Squadhelp Inc 4.9/5 based on 2782 ratings

Search URL Search Domain Scan URL

URL: https://www.facebook.com/squadhelpinc

Search URL Search Domain Scan URL

URL: https://twitter.com/squadhelp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/squadhelpinc/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/squadhelp/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Squadhelpinc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rusticmoves.com/ HTTP 302
https://domains.squadhelp.com/lpd/name/rusticmoves.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1678380187173%26url%3Dhttps%253A%252F%252Fdomains.squadhelp.com%252Flpd%252Fname%252Frusticmoves.com%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&liSync=true&e_ipv6=AQKpCE9qRfeFXQAAAYbHQUAjFvd85KAT5YCoEGJBzR-qNvXvpMD6lwojgz2KrPFWmcydHavkWA

Request Chain 77

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26125FD5B050490E982C75BBA437327B&RedC=c.clarity.ms&MXFR=2A130DD0E9396BFE171A1F1FED396520 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26125FD5B050490E982C75BBA437327B&MUID=14FAD1C0C66E63BD3E1EC30FC7BC620B

Request Chain 80

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&value=0&auid=535535799.1678380187&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mwwKZL23DsKR1wbX_ZSQDg&sscte=1&crd=&eitems=ChAIgKSmoAYQtLPT_t_SoekDEh0ArLHkCpShCVnKDSz2_yspGtwsGQ4vIBoz4NY-cg&pscrd=EkxDaEFJZ0tTbW9BWVExUF9xM2NpU2hxaGRFaVVBSDdwQmo2cU1CSmprdHZ2U1ZVWHF0RWpBcUxzd2lsVFd6Q2h3aE1VbzB3V2hmdDBUGldDaEFJZ0tTbW9BWVFzcU85eE95ODdMc2VFaTBBblNUTEJiU182T0hOemoyX19zVnc4dy0xOWdPZ3FHZmFXQzd1d0VQOGVTZWRPQjBYRkJBdE51b3M0VzA HTTP 302
https://www.google.com/pagead/1p-conversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&value=0&auid=535535799.1678380187&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tTbW9BWVExUF9xM2NpU2hxaGRFaVVBSDdwQmo2cU1CSmprdHZ2U1ZVWHF0RWpBcUxzd2lsVFd6Q2h3aE1VbzB3V2hmdDBUGldDaEFJZ0tTbW9BWVFzcU85eE95ODdMc2VFaTBBblNUTEJiU182T0hOemoyX19zVnc4dy0xOWdPZ3FHZmFXQzd1d0VQOGVTZWRPQjBYRkJBdE51b3M0VzA&is_vtc=1&ocp_id=mwwKZL23DsKR1wbX_ZSQDg&cid=CAQSKQDUE5ymMUF3X-dzAYZ3499eu3o4cIBaQPgjur5Ok1oHQz3J_ShJ46Pk&eitems=ChAIgKSmoAYQtLPT_t_SoekDEh0ArLHkCjfN-O4440C6C6CilMfapvcyhtQ6yCtlKA&random=2913391189 HTTP 302
https://www.google.de/pagead/1p-conversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&value=0&auid=535535799.1678380187&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tTbW9BWVExUF9xM2NpU2hxaGRFaVVBSDdwQmo2cU1CSmprdHZ2U1ZVWHF0RWpBcUxzd2lsVFd6Q2h3aE1VbzB3V2hmdDBUGldDaEFJZ0tTbW9BWVFzcU85eE95ODdMc2VFaTBBblNUTEJiU182T0hOemoyX19zVnc4dy0xOWdPZ3FHZmFXQzd1d0VQOGVTZWRPQjBYRkJBdE51b3M0VzA&is_vtc=1&ocp_id=mwwKZL23DsKR1wbX_ZSQDg&cid=CAQSKQDUE5ymMUF3X-dzAYZ3499eu3o4cIBaQPgjur5Ok1oHQz3J_ShJ46Pk&eitems=ChAIgKSmoAYQtLPT_t_SoekDEh0ArLHkCjfN-O4440C6C6CilMfapvcyhtQ6yCtlKA&random=2913391189&ipr=y&prhg=0

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request rusticmoves.com Show response
domains.squadhelp.com/lpd/name/
Redirect Chain

https://rusticmoves.com/
https://domains.squadhelp.com/lpd/name/rusticmoves.com

30 KB
6 KB

597ms
524ms

Document
text/html

2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://domains.squadhelp.com/lpd/name/rusticmoves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d96b8a782ac1daa4e1ef33948329260dad685cc3a74a0f95f20089a3405f4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: EXPIRED
cf-ray: 7a54c6633edd8fee-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:43:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 09 Mar 2023 11:42:03 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 142
Content-Type: text/html
Date: Thu, 09 Mar 2023 16:43:05 GMT
Location: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Server: openresty

GET
H2 200 ff5a08c108014e146ba5746904afebed.css
www.squadhelp.com/var/ 296 KB
46 KB 53ms
30ms Stylesheet
text/css 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74c1f64d6437b89f66b0ac66618c82fda17d94fc0088493c571dcab9d77ec1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 20:12:49 GMT
server: cloudflare
age: 169956
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c666baf58fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.svg
domains.squadhelp.com/html/html/static_images/ 5 KB
2 KB 27ms
26ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domains.squadhelp.com/html/html/static_images/logo.svg
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43907df7d7276ce8a967a205ef56d407d83e9094c00e5db83ece96c926eb565c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/lpd/name/rusticmoves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 3634801
last-modified: Tue, 11 Oct 2022 18:21:16 GMT
server: cloudflare
etag: W/"6345b41c-1321"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6669ace8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 approved-footer-2.svg
domains.squadhelp.com/html/html/static_images/ 84 KB
62 KB 31ms
30ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domains.squadhelp.com/html/html/static_images/approved-footer-2.svg
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0871f072c8428d3c0dae7ae1eae77c4f5681c0f2a4b08b4c9771aedeba585650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/lpd/name/rusticmoves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 40204
last-modified: Mon, 02 Jan 2023 13:11:10 GMT
server: cloudflare
etag: W/"63b2d7ee-14e52"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c666cb0a8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-decode.min.js Show response
domains.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
817 B 17ms
16ms Script
application/javascript 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://domains.squadhelp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/lpd/name/rusticmoves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Mar 2023 16:16:37 GMT
server: cloudflare
etag: W/"64021d65-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7a54c666cb078fee-FRA
expires: Sat, 11 Mar 2023 16:43:06 GMT

GET
H2 200 rocket-loader.min.js Show response
domains.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://domains.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/lpd/name/rusticmoves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Mar 2023 16:16:37 GMT
server: cloudflare
etag: W/"64021d65-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7a54c666cb0b8fee-FRA
expires: Sat, 11 Mar 2023 16:43:06 GMT

GET
H2 200 icon-arrow-down.svg
www.squadhelp.com/html/html/static_images/ 804 B
555 B 24ms
23ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-arrow-down.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 910d2a0a15f6454909576c3cb3f955f43eae8ed9dfc081bc89f2319d566923b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7435080
last-modified: Tue, 11 Oct 2022 18:21:40 GMT
server: cloudflare
etag: W/"6345b434-324"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6670b4b8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-search.svg
www.squadhelp.com/html/html/static_images/ 1 KB
629 B 24ms
22ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-search.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363bbda5525787b0caefb6568005cdfcc80739ff0f9397b68145d9e8146b527c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7905534
last-modified: Tue, 11 Oct 2022 18:21:38 GMT
server: cloudflare
etag: W/"6345b432-456"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6670b518fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-user.svg
www.squadhelp.com/html/html/static_images/ 2 KB
891 B 26ms
25ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-user.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e700bc9014957458568345693ab3b56be79627500d7f29ff288bd049bc2a6cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7436498
last-modified: Tue, 11 Oct 2022 18:21:07 GMT
server: cloudflare
etag: W/"6345b413-766"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6670b548fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-phone.svg
www.squadhelp.com/html/html/static_images/ 892 B
567 B 25ms
24ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-phone.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 929ab777caaabb49d8b072ca199db92a21601bf5b4dbe2262dc17a53fa256bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7852843
last-modified: Tue, 11 Oct 2022 18:21:38 GMT
server: cloudflare
etag: W/"6345b432-37c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6670b578fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-heart.svg
www.squadhelp.com/html/html/static_images/ 786 B
511 B 24ms
23ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-heart.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471af240c3e8a69e33f689cf38d9d672d0b27fc5e52b19eb570a127fcc82ff7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 4519098
last-modified: Tue, 11 Oct 2022 18:21:39 GMT
server: cloudflare
etag: W/"6345b433-312"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6670b5a8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-arrow-long-right.svg
www.squadhelp.com/html/html/static_images/ 225 B
291 B 26ms
26ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-arrow-long-right.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b6f86d569ea4a17b522d2d0abf784872bcb7bd2e512c7a34bdc3a2f77fd946b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7522716
last-modified: Tue, 11 Oct 2022 18:21:41 GMT
server: cloudflare
etag: W/"6345b435-e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6670b5c8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-arrow-down-blue.svg
www.squadhelp.com/html/html/static_images/ 806 B
573 B 26ms
26ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/icon-arrow-down-blue.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad620880c542faa71ec7b8906bffe4b83274347ea8faac6afb729734eae5377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7843684
last-modified: Tue, 11 Oct 2022 18:21:43 GMT
server: cloudflare
etag: W/"6345b437-326"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6671b738fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook.svg
www.squadhelp.com/html/html/static_images/ 1 KB
620 B 25ms
23ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/facebook.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e258a2abf78eac98e3dc1f2f18c14e67c7ab844afa96fd0040dbbbd6a9cf80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7436498
last-modified: Tue, 11 Oct 2022 18:21:11 GMT
server: cloudflare
etag: W/"6345b417-428"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6672ba68fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter.svg
www.squadhelp.com/html/html/static_images/ 1 KB
831 B 28ms
26ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/twitter.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a299adbb6b641153f1fe6d209f1b94549fdf42eca9b64d7c5d2ab1134ac72437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7436498
last-modified: Tue, 11 Oct 2022 18:21:31 GMT
server: cloudflare
etag: W/"6345b42b-541"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6672ba78fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagam.svg
www.squadhelp.com/html/html/static_images/ 3 KB
2 KB 28ms
26ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/instagam.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf742275c5cc3d40e11ba335bf0a853831e1938345561b7a33da63c3dbd11ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7436498
last-modified: Tue, 11 Oct 2022 18:21:21 GMT
server: cloudflare
etag: W/"6345b421-da3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6672ba88fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 in.svg
www.squadhelp.com/html/html/static_images/ 883 B
608 B 37ms
35ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/in.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2afc34dbe70eb80ce4ab32165b34ecb166e4f7d841ff2eccbdb089ffb4646da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 4517757
last-modified: Tue, 11 Oct 2022 18:21:37 GMT
server: cloudflare
etag: W/"6345b431-373"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6672baa8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 youtube.svg
www.squadhelp.com/html/html/static_images/ 877 B
592 B 27ms
25ms Image
image/svg+xml 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/html/html/static_images/youtube.svg
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eada74cf2ae7135442fe81d3be183445f0cda85cdb7a26883327079337811afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 7436498
last-modified: Tue, 11 Oct 2022 18:21:09 GMT
server: cloudflare
etag: W/"6345b415-36d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6672bab8fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ProductSans-Regular.woff2
www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ 13 KB
14 KB 38ms
16ms Font
application/octet-stream 2606:4700:10::6816:3360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Regular.woff2
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc04a100d9ffb66432cc6b85574582ac7d4da86d7eba38a699c605fe3086fbe

Request headers

Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Origin: https://domains.squadhelp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
cf-cache-status: HIT
age: 1960121
content-length: 13440
last-modified: Mon, 12 Sep 2022 15:01:37 GMT
server: cloudflare
etag: "631f49d1-3480"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7a54c6672f7f9c10-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ProductSans-Bold.woff2
www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ 20 KB
20 KB 45ms
23ms Font
application/octet-stream 2606:4700:10::6816:3360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.squadhelp.com/modules/marketplace/assets/fonts/bubble/ProductSans-Bold.woff2
Requested by: Host: www.squadhelp.com
URL: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c3a9dd12310f604a7003f51fc8b81509f63bfda367f1d537854f0120ba30bc

Request headers

Referer: https://www.squadhelp.com/var/ff5a08c108014e146ba5746904afebed.css
Origin: https://domains.squadhelp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
cf-cache-status: HIT
age: 3635063
content-length: 20100
last-modified: Mon, 12 Sep 2022 15:01:34 GMT
server: cloudflare
etag: "631f49ce-4e84"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7a54c6672f829c10-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 79cda81f7c2cc01053b46a6a2174124a.js Show response
domains.squadhelp.com/var/ 360 KB
109 KB 36ms
35ms Script
application/x-javascript 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domains.squadhelp.com/var/79cda81f7c2cc01053b46a6a2174124a.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b72bf568944d06058c840832352c9880eabae7f5a5d4bbf5efbf7b09dcf1fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/lpd/name/rusticmoves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 14:51:08 GMT
server: cloudflare
age: 40200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7a54c6674be48fee-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 15:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5007
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 17:19:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 35ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 16:43:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 81G5d19uGYmzYsjuqc8WGfkjBeiZw/CtZD6q/ST4yNroFblAO6N4UrY7HWvsf4xl3668iDXhV/MlrpiyhEl/Kw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
102 KB 145ms
58ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Requested by

Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb3c463bab8256779c1746f9e19144e90973b17a336b17fdbd1ec8ec67193a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103854
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 15:20:11 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 16:43:06 GMT

GET
H2 200 bubble-theme-dynamic-data Show response
domains.squadhelp.com/geo-business-names/ 3 B
352 B 461ms
461ms XHR
text/html 2606:4700:10::6816:3260
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://domains.squadhelp.com/geo-business-names/bubble-theme-dynamic-data

Requested by

Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/var/79cda81f7c2cc01053b46a6a2174124a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3260 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://domains.squadhelp.com/lpd/name/rusticmoves.com
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a54c667bc5b8fee-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ld9mkn53 Show response
widget.intercom.io/widget/ 8 KB
4 KB 50ms
8ms Script
application/javascript 13.224.189.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/ld9mkn53
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0732113f36c7a30a424b949ce29d6143e0ced5980fe5bac47d2914fd4f552716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:28:51 GMT
content-encoding: gzip
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-version-id: IbNRJXlbemETuB9qald5yVqNW6KIOnlr
x-amz-cf-pop: FRA2-C1
age: 856
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3266
last-modified: Thu, 09 Mar 2023 16:28:47 GMT
server: AmazonS3
etag: "27b35a0cd3afe05ecc1d168af0e15741"
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: bhigsed0Mec9LAVa8c4-VL9UVwMEeTYyjPNgclndJthx0gp9EpVkRQ==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 16:43:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lEcY5AHRLDkFEf8WFMh6l0zNfJ3wMYT9VPfHfTVikh2m9fm1LqWNT2wSoKWbpvMtEXSuYc0rywdb+ZNjzyn7oA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 776488579087398 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/776488579087398?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbe5e545c180165bd178ee77ece3a4d1d8e7a42d80201d7394fafdb8fcc203a1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 16:43:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110222
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iyM7k3lfke7VBr7vCcXRorye5foGq6JqLeHCWTmvalE3oe+3pNHeEEuMFjtZ6BTFSzsza6En4lsuriBBJnfp7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 frame-modern.af93a040.js Show response
js.intercomcdn.com/ Frame 78D4 487 KB
129 KB 73ms
7ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.af93a040.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ld9mkn53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

054cd26d8bcd68cade0b1c935c78e7a7ee3696d4bc09a6bdcf544c1ac8c2e439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:28:51 GMT
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-version-id: JSTJ9OUvPpv.dD24zkjO_gXGt3dJR.5g
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 856
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 131780
last-modified: Thu, 09 Mar 2023 16:24:04 GMT
server: AmazonS3
etag: "b5057407662c37ababd19f718d7583d8"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: xFr3l_E8OPfdigT7NWXUYm9A2AButFcf6e7-nZJA2t8BPtvyNetNlg==

GET
H2 200 vendor-modern.8b14303a.js Show response
js.intercomcdn.com/ Frame 78D4 237 KB
73 KB 86ms
21ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.8b14303a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ld9mkn53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6ef1e61cbbd1ec228bcdbb740df37aaa36452ab2bb1253d7994d62e5c5e918b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 5pjnmFQwWsi7RBCVzcMFQuoqhSvKYjAA
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Thu, 09 Mar 2023 16:38:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74478
last-modified: Thu, 09 Mar 2023 14:35:26 GMT
server: AmazonS3
etag: "a333e89b71729d13340d334f996eaf73"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: rM3ws_WKZCbcfqL4zCcA2l9U2UPT0fQBvly5X3h96GNMhAW2W2_WIw==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 113 KB
45 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PZ8ZGQF&cid=196290117.1678380187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a23893bbd5add32b801d269ddfb3803b702c5ef532988efde246a35f81e67d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45325
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 15:20:11 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 16:43:06 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 78D4 5 KB
3 KB 706ms
489ms XHR
application/json 54.160.56.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.af93a040.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.56.92 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-56-92.compute-1.amazonaws.com

Software

nginx /

Resource Hash

391363ce4353eae77e1c05b24f2cda3816bdfe7d97ecc8633c19a03d18744506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0a9c6b4ceb8ee8995
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0000ie7oolkjkv3c6vm0
x-runtime: 0.331965
server: nginx
etag: W/"391363ce4353eae77e1c05b24f2cda38"
x-ratelimit-remaining: 13322
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://domains.squadhelp.com
x-intercom-version: 1e5d90126918e35ec149d85dcde374e3f24fb44d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1678380190
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 45ms
45ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1312721988&t=pageview&_s=1&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&ul=en-us&de=UTF-8&dt=rusticmoves.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAACAAI~&jid=1661013077&gjid=58952133&cid=196290117.1678380187&tid=UA-11585500-4&_gid=1737862332.1678380187&_r=1&_slc=1&z=419362307

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://domains.squadhelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://domains.squadhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 45ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=33996
accept-ranges: bytes
content-length: 4777

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/ 3 KB
2 KB 173ms
87ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1678380187092&cv=11&fst=1678380187092&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&auid=535535799.1678380187&data=ecomm_pagetype%3Dproduct&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9aed4774d9115c7579326d4a6bcd07b17269e8a586a96c275ef2709c479558b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 70ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 09 Mar 2023 16:43:06 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 575D09EA679246EAA96E6CA220BE8812 Ref B: FRAEDGE1307 Ref C: 2023-03-09T16:43:07Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
27 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 16:43:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: u8cBH+B13nmRnGoC6LbZIPDmwblzUViQ59MaCREP1iVZbBFtxb0U040ww5VWw2soOi4AudYEprSfWYfZj/yPJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-1&cid=196290117.1678380187&jid=2136344385&gjid=2038636940&_gid=1737862332.1678380187&_u=aGDAgEADQAAAAGAAI~&z=1945460457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://domains.squadhelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://domains.squadhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 15:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5008
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 17:19:39 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1030947153/ 3 KB
2 KB 157ms
51ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1030947153/?random=1678380187114&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&value=0&bttype=purchase&auid=535535799.1678380187&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

47e948f583a486bc3654c9891f730ed5c0751e4e8d124126ea73cd45ce381794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1567
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 search-insights@1.3.1 Show response
cdn.jsdelivr.net/npm/ 10 KB
3 KB 37ms
7ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/search-insights@1.3.1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

47c45e88cf077d9f81fbf85bc409e22eaea1604e12b33ecd1ee3a1af47bd45a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1326147
x-jsd-version: 1.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2870
x-served-by: cache-fra-eddf8230131-FRA, cache-hhn-etou8220045-HHN
x-jsd-version-type: version
etag: W/"2817-FGLI0cv/s1qAA3nM5zLdFEpck2Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1030947153

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a39ef7e82d7af03e1568f73655adba55f74ed0e5a338ad33c63728d60aa7328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67314
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 15:20:11 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 16:43:07 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 70ms
18ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6340-VIE

GET
H2 200 3xq9rdybkj Show response
www.clarity.ms/tag/ 889 B
1 KB 142ms
101ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3xq9rdybkj
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b6c2f08d044be0747c1cfe64b36a209f7a65158079cd0deadba061210a4f7d8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 09 Mar 2023 16:43:06 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0mwwKZAAAAABMWKWS4E7oQp6LkuDU0pj7RlJBMzFFREdFMDkxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1344021/ 58 KB
18 KB 36ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1344021/tfa.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd73ca935c8a9ba2e7e1de39e36259026ae19454bb732e4e390fc95a898ee844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 67_DlLwciRmRiPmES5B_.TRGLLYkACRe
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:43:07 GMT
x-amz-request-id: 1R1950HKVPAV6T3X
age: 63
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 18160
x-amz-id-2: 9V1QlnVmlnXHcVlUjM4+bZx+b/Z8ZBgmktOb8Rhv8VqYhEFNw5whJMoF2MwnbmcdZBqAhNS6uNc=
x-served-by: cache-hhn-etou8220027-HHN
last-modified: Sun, 05 Mar 2023 11:20:57 GMT
server: AmazonS3
x-timer: S1678380187.154567,VS0,VE2
etag: "2385e8769226379c540e41609009400f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 17 KB
6 KB 32ms
8ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3c4aacb974ed3d0a3d1f57bebc8d97897ce027b0751a5f0da9ee697a825c2f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:43:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 09:48:30 GMT
Server: AkamaiNetStorage
ETag: "b07048fb19f7c325242e254218118e14:1675339769.124179"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5911
Expires: Thu, 09 Mar 2023 17:03:07 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 53ms
17ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 452ms
107ms Script
text/javascript 34.202.126.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.126.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-126-200.compute-1.amazonaws.com
Software: /
Resource Hash: 5473dcf31b90e7f4ea0727a87b517daba1ff389f8eb8e9801bfb08d88d89db9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Mar 2023 16:43:07 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
Content-Type: text/javascript

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 471 KB
168 KB 64ms
28ms Script
text/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b21e77de6f67b4a530f42d9aa7c0bb9afea74c2372c22f58a8dfa5f5a05bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1677170021
age: 1119
x-guploader-uploadid: ADPycdvyn7kgYqYNECHxU2HcUZfaPrryUQcCBzh7jzy4If1C9pyZmIGk1b1tbTjpYAZmlDCdKBNce4OxYOx7jcLg3QtP7A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 23 Feb 2023 16:34:22 GMT
server: cloudflare
etag: W/"25350aff689524382c7d906f925cb1dc"
vary: Accept-Encoding
x-goog-generation: 1677170062636675
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Tb1mkg==, md5=JTUK/2iVJDgsfZBvklyx3A==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 481913
cf-ray: 7a54c669fcda9c01-FRA
expires: Fri, 08 Mar 2024 16:24:28 GMT

GET
H2 200 fbt.js Show response
monitor.fraudblocker.com/ 47 KB
20 KB 66ms
17ms Script
application/x-javascript 34.96.65.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.fraudblocker.com/fbt.js?sid=N_PvROEYPR5Jhemba05dv
Requested by: Host: domains.squadhelp.com
URL: https://domains.squadhelp.com/lpd/name/rusticmoves.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.65.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.65.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 24ec5ace91e3c6656624387a2087660e7faaa97b000177eff1d476ae1db389af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:58:58 GMT
content-encoding: gzip
age: 2649
x-guploader-uploadid: ADPycduXryz-auw7Rwsj5w0ZGcEDeTyE7ZKb1kRMH8r61sHVHDg-YdZ01G8thwrN9MPLjUH0dEg6wMEgTR52_32nyYao2Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19805
last-modified: Thu, 08 Dec 2022 00:17:53 GMT
server: UploadServer
etag: "ab5f5eda41a0667e8d1c5f5bdb4005eb"
vary: Accept-Encoding
x-goog-generation: 1670458673043402
x-goog-hash: crc32c=gTsrXg==, md5=q19e2kGgZn6NHF9b20AF6w==
content-type: application/x-javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 19805
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:58:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VJ36JWQDE1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25912b035c9e5fbc2c818fce86d0716be27d945760f9a7b3061cde5790b978bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 16:43:07 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/ 43 B
424 B 440ms
107ms Image
image/gif 54.209.227.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/dcf3487c2f234553bf375cb5ea4c260b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.227.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-227-7.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:43:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,b5362d2c69c611eb89f87976b0033c8b,10.0.0.238,22790,185.213.155.174,,108748703421,1,1678380187.548,0.001,,.,0,0,0.000,0.000,-,0,0,197,199,99,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 32ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=776488579087398&ev=PageView&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&rl=&if=false&ts=1678380187102&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1678380187102.1079213499&it=1678380186860&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 16:43:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1312721988&t=pageview&_s=1&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&ul=en-us&de=UTF-8&dt=rusticmoves.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAACAAI~&jid=2136344385&gjid=2038636940&cid=196290117.1678380187&tid=UA-11585500-1&_gid=1737862332.1678380187&gtm=45He3360n71M6CM29&z=1332019162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:07:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45327
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET Fixel.min.js
script.fixel.ai/script/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/ 3 KB
1 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1678380187135&cv=11&fst=1678380187135&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&auid=535535799.1678380187&data=dynx_pagetype%3Dother&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f5f1d5b0e18e5c0697dac6a16803eb3b7aa806e45866000a4edb8a60c1623b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 23ms
20ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11585500-4&cid=196290117.1678380187&jid=1661013077&gjid=58952133&_gid=1737862332.1678380187&_u=KGDAAEACQAAAACAAI~&z=1180474189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://domains.squadhelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://domains.squadhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=776488579087398&ev=scrollDepth&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&rl=&if=false&ts=1678380187155&cd[Depth]=50&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1678380187102.1079213499&it=1678380186860&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 16:43:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=776488579087398&ev=scrollDepth&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&rl=&if=false&ts=1678380187159&cd[Depth]=75&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1678380187102.1079213499&it=1678380186860&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 16:43:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 378ms
87ms Script
application/javascript 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=undefined
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:43:07 GMT
X-TraceId: 446beab98ecbde6afc308eb06339d9a0
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 402ms
93ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00307c4941e2958412d6d5d587832791fc&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&g=1&optOut=false&bust=017948731879676227&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:43:07 GMT
Cache-Control: no-cache
X-TraceId: 61ad8375b5efa404a053110c7ad8c3cc
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/34987/domain/domains.squadhelp.com/ 36 B
374 B 60ms
10ms XHR
application/json 2600:9000:20eb:f000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/34987/domain/domains.squadhelp.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://domains.squadhelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:45:14 GMT
content-encoding: gzip
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 3473
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: aUnqXEpyp6tksxh57U43m_fQYR1F8SlxMMmMIc075kGhSPFctic8pQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34987%26time%3D1678380187173%26url%3Dhttps%253A%252F%252Fdomains.squadhelp.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&liSync=true&e_ipv6=AQKpCE9qRfeFXQAAAYbHQUAjFvd85K...

0
263 B

264ms
180ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&liSync=true&e_ipv6=AQKpCE9qRfeFXQAAAYbHQUAjFvd85KAT5YCoEGJBzR-qNvXvpMD6lwojgz2KrPFWmcydHavkWA
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 613C644012F2455BB256766D12011939 Ref B: VIEEDGE3007 Ref C: 2023-03-09T16:43:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2elbl/CLqUmdcnIEZ4Q==

Redirect headers

date: Thu, 09 Mar 2023 16:43:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5621143BAB854579B1D9D54EBC5559ED Ref B: FRAEDGE1408 Ref C: 2023-03-09T16:43:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34987&time=1678380187173&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&liSync=true&e_ipv6=AQKpCE9qRfeFXQAAAYbHQUAjFvd85KAT5YCoEGJBzR-qNvXvpMD6lwojgz2KrPFWmcydHavkWA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2elbiaZrlHXb+IU+3Jg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 202ms
81ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11585500-1&cid=196290117.1678380187&jid=2136344385&_u=aGDAgEADQAAAAGAAI~&z=159161862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 137ms
59ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11585500-1&cid=196290117.1678380187&jid=2136344385&_u=aGDAgEADQAAAAGAAI~&z=159161862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1344021/trc/3/ 3 KB
2 KB 38ms
24ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1344021/trc/3/json?tim=1678380187184&data=%7B%22id%22%3A89%2C%22ii%22%3A%22%2Flpd%2Fname%2Frusticmoves.com%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678380187178%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsquadhelp%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678380187184%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1344021/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a2db8b1921189735d6b493e040f2e263984855676c03c87fbe708a228a9af47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220027-HHN
server: nginx
x-timer: S1678380187.286562,VS0,VE16
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 15226519.js Show response
bat.bing.com/p/action/ 0
136 B 109ms
109ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15226519.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 09 Mar 2023 16:43:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77D805CAA0C04FBFA3B5E99E6DC879C9 Ref B: FRAEDGE1307 Ref C: 2023-03-09T16:43:07Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
230 B 78ms
77ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=5bedebb7-7e7a-4c46-8f60-a158bce61fcb&sid=781060f0be9911edbd0623473f9d2d8a&vid=7810a630be9911eda96ee38ef3746e66&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=rusticmoves.com&p=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&r=&lt=1390&evt=pageLoad&sv=1&rn=366365

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 16:43:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F716A15BA5EB4B96BF662D4DE9A982B0 Ref B: FRAEDGE1307 Ref C: 2023-03-09T16:43:07Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15226519&tm=gtm002&Ver=2&mid=5bedebb7-7e7a-4c46-8f60-a158bce61fcb&sid=781060f0be9911edbd0623473f9d2d8a&vid=7810a630be9911eda96ee38ef3746e66&vids=0&msclkid=N&pagetype=product&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=320797

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 16:43:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE7662E529454EEF8997119C1271445F Ref B: FRAEDGE1307 Ref C: 2023-03-09T16:43:07Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 137ms
106ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1678380187208&id=t2_bc56g0l6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=727da396-6ebd-418b-b3f9-f0ebcb423301&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/ 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1678380187225&cv=11&fst=1678380187225&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&auid=535535799.1678380187&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1030947153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35a7a1628253a2e8efdcd2cb9768737381c018594c6f1fcb4c12b74d1032ca68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 143ms
114ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=4ab7c804-6328-4edf-9d7c-d388a442ce13&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2bf9d4b4-cef8-44c4-81bc-699a50f0a915&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 107
date: Thu, 09 Mar 2023 16:43:07 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 42a44f242274bd77
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f948e3e365beafaf299636f2dcd9bb4523a84a1b3f855a0baf3a26274bd43049
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 156ms
118ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4ab7c804-6328-4edf-9d7c-d388a442ce13&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2bf9d4b4-cef8-44c4-81bc-699a50f0a915&tw_document_href=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0zgt&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 09 Mar 2023 16:43:07 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 467e29addaff32d8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f61c182747c19f0648f06e8f0039d2519f84d550ae34df63fbb6763365a2d258
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 50ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VJ36JWQDE1&gtm=45je3360&_p=1312721988&_gaz=1&cid=196290117.1678380187&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678380187&sct=1&seg=0&dl=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&dt=rusticmoves.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ36JWQDE1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://domains.squadhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 21ms
20ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VJ36JWQDE1&cid=196290117.1678380187&gtm=45je3360&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ36JWQDE1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://domains.squadhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 62ms
59ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VJ36JWQDE1&cid=196290117.1678380187&gtm=45je3360&aip=1&z=336539742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 config.json Show response
cdn.acsbapp.com/cache/app/domains.squadhelp.com/ 127 B
496 B 74ms
23ms Fetch
application/xml 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/domains.squadhelp.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 41
x-guploader-uploadid: ADPycdvjJ2OGEobg5OtomGq3cTBNycG2pinklBGm7ODXnoYzc7AmkOW4pjPUgtN5ZV0ce2kNVvJJ9cDY5Sq1XfjwW7dzPQ
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *, Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
cf-ray: 7a54c66b1d2c9122-FRA
expires: Thu, 09 Mar 2023 16:42:26 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c-sc/s/0.7.2/ 56 KB
19 KB 10ms
9ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3xq9rdybkj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:06 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-azure-ref-originshield: 0yAIJZAAAAAAtIae4lQBNSbPGjwfBQcIjRlJBMjMxMDUwNDE3MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d94d032bd8761c"
x-azure-ref: 0mwwKZAAAAADjmv/5YU3mS5UHZjTMNH5jRlJBMzFFREdFMDkxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26125FD5B050490E982C75BBA437327B&RedC=c.clarity.ms&MXFR=2A130DD0E9396BFE171A1F1FED396520
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26125FD5B050490E982C75BBA437327B&MUID=14FAD1C0C66E63BD3E1EC30FC7BC620B

42 B
442 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26125FD5B050490E982C75BBA437327B&MUID=14FAD1C0C66E63BD3E1EC30FC7BC620B
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
last-modified: Wed, 15 Feb 2023 08:41:50 GMT
server: Microsoft-IIS/10.0
etag: "ddef9591941d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79BA545E634B4875937DC2D8ECD7B53F Ref B: FRAEDGE1307 Ref C: 2023-03-09T16:43:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26125FD5B050490E982C75BBA437327B&MUID=14FAD1C0C66E63BD3E1EC30FC7BC620B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1030947153/ 42 B
154 B 74ms
68ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1030947153/?random=1678380187092&cv=11&fst=1678377600000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3553442491&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1030947153/ 42 B
455 B 51ms
51ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1030947153/?random=1678380187092&cv=11&fst=1678377600000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&data=ecomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=3553442491&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1030947153/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENG...
https://www.google.com/pagead/1p-conversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googlead...
https://www.google.de/pagead/1p-conversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleads...

42 B
64 B

53ms
52ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&value=0&auid=535535799.1678380187&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tTbW9BWVExUF9xM2NpU2hxaGRFaVVBSDdwQmo2cU1CSmprdHZ2U1ZVWHF0RWpBcUxzd2lsVFd6Q2h3aE1VbzB3V2hmdDBUGldDaEFJZ0tTbW9BWVFzcU85eE95ODdMc2VFaTBBblNUTEJiU182T0hOemoyX19zVnc4dy0xOWdPZ3FHZmFXQzd1d0VQOGVTZWRPQjBYRkJBdE51b3M0VzA&is_vtc=1&ocp_id=mwwKZL23DsKR1wbX_ZSQDg&cid=CAQSKQDUE5ymMUF3X-dzAYZ3499eu3o4cIBaQPgjur5Ok1oHQz3J_ShJ46Pk&eitems=ChAIgKSmoAYQtLPT_t_SoekDEh0ArLHkCjfN-O4440C6C6CilMfapvcyhtQ6yCtlKA&random=2913391189&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1030947153/?random=1297379974&cv=11&fst=1678380187114&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&label=DP_eCJK8xO0BENGCzOsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&value=0&auid=535535799.1678380187&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tTbW9BWVExUF9xM2NpU2hxaGRFaVVBSDdwQmo2cU1CSmprdHZ2U1ZVWHF0RWpBcUxzd2lsVFd6Q2h3aE1VbzB3V2hmdDBUGldDaEFJZ0tTbW9BWVFzcU85eE95ODdMc2VFaTBBblNUTEJiU182T0hOemoyX19zVnc4dy0xOWdPZ3FHZmFXQzd1d0VQOGVTZWRPQjBYRkJBdE51b3M0VzA&is_vtc=1&ocp_id=mwwKZL23DsKR1wbX_ZSQDg&cid=CAQSKQDUE5ymMUF3X-dzAYZ3499eu3o4cIBaQPgjur5Ok1oHQz3J_ShJ46Pk&eitems=ChAIgKSmoAYQtLPT_t_SoekDEh0ArLHkCjfN-O4440C6C6CilMfapvcyhtQ6yCtlKA&random=2913391189&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1030947153/ 42 B
108 B 78ms
72ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1030947153/?random=1678380187135&cv=11&fst=1678377600000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=2933099160&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1030947153/ 42 B
108 B 52ms
51ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1030947153/?random=1678380187135&cv=11&fst=1678377600000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&data=dynx_pagetype%3Dother&fmt=3&is_vtc=1&random=2933099160&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1030947153/ 42 B
108 B 76ms
70ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1030947153/?random=1678380187225&cv=11&fst=1678377600000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=279962156&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1030947153/ 42 B
108 B 50ms
49ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1030947153/?random=1678380187225&cv=11&fst=1678377600000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&tiba=rusticmoves.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=279962156&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:43:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.js Show response
monitor.fraudblocker.com/ 2 B
312 B 129ms
128ms Script
application/javascript 34.96.65.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.fraudblocker.com/p.js?sid=N_PvROEYPR5Jhemba05dv&vid=fadc828acf0c6b4c6d4efc36a9dd8bfa&tz=Etc%2FUnknown&os=Windows%2010&b=Chrome%20111.0.5563.64
Requested by: Host: monitor.fraudblocker.com
URL: https://monitor.fraudblocker.com/fbt.js?sid=N_PvROEYPR5Jhemba05dv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.65.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.65.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:07 GMT
x-guploader-uploadid: ADPycdupfhtFXk6zfer4U7sqPMTJE5Oh1Ym4lBZjRNO9zyJZfTB1lLavs20E9WNaXcIImrf_T410aHD70UckYLewrYkymA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
last-modified: Wed, 18 May 2022 00:10:50 GMT
server: UploadServer
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-goog-generation: 1652832650614216
content-type: application/javascript
x-goog-hash: crc32c=Fz0s1w==, md5=e8DuY2s7g0hPw7k0iGO9Ig==
cache-control: no-store
x-goog-stored-content-length: 2
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:43:07 GMT

POST
H2 204 collect Show response
t.clarity.ms/ 0
168 B 459ms
227ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://domains.squadhelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://domains.squadhelp.com
date: Thu, 09 Mar 2023 16:43:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 107ms
106ms Stylesheet
text/css 34.202.126.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.126.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-126-200.compute-1.amazonaws.com
Software: /
Resource Hash: 6641b0c36210a7a28d20960126753dc55b6f051552319ecce1727886c759d6d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Mar 2023 16:43:07 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 419ms
102ms Fetch
image/jpeg 34.202.126.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.126.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-126-200.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Mar 2023 16:43:07 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

POST
H2 200 / Show response
www.facebook.com/tr/ Frame D345 0
53 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://domains.squadhelp.com
Referer: https://domains.squadhelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://domains.squadhelp.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:43:07 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
426 B 107ms
107ms XHR
text/plain 34.202.126.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=tMfPTakOcQhbY9oPuRxQ5Q&is_js=true&landing_url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com&t=rusticmoves.com&tip=K-XXcMkEm8MincJIIfNYzxv96CizToHpFOvXsTlLsrU&host=https://domains.squadhelp.com&sa_conv_data_css_value=%20%220-f52f54bd-b70e-51b0-4c77-bac463eeb702%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9f52f54bdb70e51b04c77bac463eeb702b9d59bae&sa-user-id-v2=s%253A9S9UvbcOUbBMd7rEY-63ArnVm64.TDWqdaUnq3DEmXGZLi5qkX9sihy%252FUfxk%252FRM%252FFagX0Zg&sa-user-id=s%253A0-f52f54bd-b70e-51b0-4c77-bac463eeb702.uwm8pZRyy%252Fp2hj4i%252FH%252BmQGSM1gISZoE72sajxSUEtZU
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.126.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-126-200.compute-1.amazonaws.com
Software: /
Resource Hash: 65d6fc76a8f26596cce60b33939093689c23e38cdc324343e82b3e7951ea84a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:43:08 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://domains.squadhelp.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

POST
H2 204 collect Show response
t.clarity.ms/ 0
25 B 108ms
108ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://domains.squadhelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://domains.squadhelp.com
date: Thu, 09 Mar 2023 16:43:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 204 unip Show response
trc-events.taboola.com/1344021/log/3/ 0
251 B 241ms
24ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=1589&scd=0&ssd=1&est=1678380187181&ver=36&isls=true&src=i&invt=1500&msa=203&rv=1&tim=1678380188770&vi=1678380187178&ri=18d5affe0ee7805afd2d413a400af13b&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1344021/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://domains.squadhelp.com
pragma: no-cache
date: Thu, 09 Mar 2023 16:43:08 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 b.js Show response
monitor.fraudblocker.com/ 2 B
27 B 124ms
123ms Script
application/javascript 34.96.65.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.fraudblocker.com/b.js?sid=N_PvROEYPR5Jhemba05dv&vid=fadc828acf0c6b4c6d4efc36a9dd8bfa&tz=Etc%2FUnknown&os=Windows%2010&b=Chrome%20111.0.5563.64
Requested by: Host: monitor.fraudblocker.com
URL: https://monitor.fraudblocker.com/fbt.js?sid=N_PvROEYPR5Jhemba05dv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.65.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.65.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:43:09 GMT
x-guploader-uploadid: ADPycduGg1J4jBTHpa9qJ6sxlLS0f8w11fXpoXzuW-fxareTMAjRV7TK18ZaFWEjtpEi10IO8wbP0d-EA7n5EY2lhhr9sw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
last-modified: Fri, 30 Sep 2022 21:34:18 GMT
server: UploadServer
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-goog-generation: 1664573658484855
content-type: application/javascript
x-goog-hash: crc32c=Fz0s1w==, md5=e8DuY2s7g0hPw7k0iGO9Ig==
cache-control: no-store
x-goog-stored-content-length: 2
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:43:09 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1344021/log/3/ 0
250 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1344021/log/3/unip?en=pre_d_eng_tb&tos=4591&scd=0&ssd=1&est=1678380187181&ver=36&isls=true&src=i&invt=3000&msa=203&rv=1&tim=1678380191773&vi=1678380187178&ri=18d5affe0ee7805afd2d413a400af13b&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fdomains.squadhelp.com%2Flpd%2Fname%2Frusticmoves.com
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1344021/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://domains.squadhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://domains.squadhelp.com
pragma: no-cache
date: Thu, 09 Mar 2023 16:43:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: script.fixel.ai
URL: https://script.fixel.ai/script/Fixel.min.js

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.squadhelp.com/	1970-01-20 10:13:01	Name: __cf_bm Value: .KjYZHQI9A1KbFEx7f6OVQoyh3dHFG9XwOCeT8K_Wj8-1678380186-0-ASDM6oIaLbCltx29K52cjQ5/TwQviD4tmv3qEGGcqLI2SyCigEL/L4jVxcXNP89CjhJgvjBWh+HB4/lPEDHt3PE=
.squadhelp.com/	1970-01-20 10:14:26	Name: _gid Value: GA1.2.1737862332.1678380187
.squadhelp.com/	1970-01-20 10:13:00	Name: _gat_DomainViews Value: 1
.squadhelp.com/	1970-01-20 12:22:36	Name: _gcl_au Value: 1.1.535535799.1678380187
.squadhelp.com/	1970-01-20 12:22:36	Name: _fbp Value: fb.1.1678380187102.1079213499
.squadhelp.com/	1970-01-20 10:13:00	Name: _dc_gtm_UA-11585500-1 Value: 1
.domains.squadhelp.com/	1970-01-20 10:56:12	Name: ahash Value: NJpKfKiOX
domains.squadhelp.com/	1969-12-31 23:59:59	Name: user_navigation_history Value: /lpd/name/rusticmoves.com
domains.squadhelp.com/	1970-01-20 14:32:12	Name: _ALGOLIA Value: anonymous-fad53ff1-c1b8-422b-9fa3-73e2e5996956
.squadhelp.com/	1970-01-20 10:14:26	Name: _uetsid Value: 781060f0be9911edbd0623473f9d2d8a
.squadhelp.com/	1970-01-20 19:34:36	Name: _uetvid Value: 7810a630be9911eda96ee38ef3746e66
.squadhelp.com/	1970-01-20 12:22:36	Name: _rdt_uuid Value: 1678380187207.727da396-6ebd-418b-b3f9-f0ebcb423301
www.clarity.ms/	1970-01-20 18:58:36	Name: CLID Value: b6d76a78ae6c451cbfad4427058018a9.20230309.20240308
domains.squadhelp.com/	1970-01-20 10:14:26	Name: ln_or Value: eyIzNDk4NyI6ImQifQ%3D%3D
.bing.com/	1970-01-20 19:34:36	Name: MUID Value: 14FAD1C0C66E63BD3E1EC30FC7BC620B
domains.squadhelp.com/	1970-01-20 10:14:26	Name: PHPSESSID Value: 9phc9b9jt9jbq1rjqov3qo0mj5
.squadhelp.com/	1970-01-20 19:49:00	Name: _ga_VJ36JWQDE1 Value: GS1.1.1678380187.1.0.1678380187.60.0.0
.squadhelp.com/	1970-01-20 19:49:00	Name: _ga Value: GA1.1.196290117.1678380187
.linkedin.com/	1970-01-20 10:56:12	Name: UserMatchHistory Value: AQLN4855vr7_VQAAAYbHQT6-b-Ho5dyPnhtgDXjdsaivYN5NKuLRqMqYPQ6Ve6P0xKJ6VNrRdRKC6Q
.linkedin.com/	1970-01-20 10:56:12	Name: AnalyticsSyncHistory Value: AQLc0UkdK4_uGAAAAYbHQT6-YnEXNK6NesMsa1N1Pa2E-o7AOnnLB69yZJqT_kAPefm0nhIhhVXG6pgm0sDLZQ
.linkedin.com/	1970-01-20 18:58:36	Name: bcookie Value: "v=2&2099771b-8212-4f4b-8fea-ba4cd1933586"
.linkedin.com/	1970-01-20 10:14:26	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2476:u=1:x=1:i=1678380187:t=1678466587:v=2:sig=AQHpUz4kBDP0FTKDy0Ixi_GjyjekXBxj"
.t.co/	1970-01-20 19:49:00	Name: muc_ads Value: 03cb9812-8b81-4bd4-8028-17604bfbb235
.doubleclick.net/	1970-01-20 19:34:36	Name: IDE Value: AHWqTUlmZhTVheLHB6re9MUwY0qvMfd9MDtI0eO4-YtC2YzA5N9HJd4fMyZgWksM
.squadhelp.com/	1970-01-20 18:58:36	Name: _clck Value: kdqpgi\|1\|f9r\|0
.twitter.com/	1970-01-20 19:49:00	Name: personalization_id Value: "v1_/sRkzInIUKKoI/0jOvKw8Q=="
.c.bing.com/	1970-01-20 10:23:04	Name: MR Value: 0
.c.bing.com/	1970-01-20 19:34:36	Name: SRM_B Value: 14FAD1C0C66E63BD3E1EC30FC7BC620B
domains.squadhelp.com/	1970-01-20 10:13:00	Name: outbrain_cid_fetch Value: true
tags.srv.stackadapt.com/	1970-01-20 18:58:36	Name: sa-user-id Value: s%3A0-f52f54bd-b70e-51b0-4c77-bac463eeb702.uwm8pZRyy%2Fp2hj4i%2FH%2BmQGSM1gISZoE72sajxSUEtZU
.srv.stackadapt.com/	1970-01-20 18:58:36	Name: sa-user-id-v2 Value: s%3A9S9UvbcOUbBMd7rEY-63ArnVm64.TDWqdaUnq3DEmXGZLi5qkX9sihy%2FUfxk%2FRM%2FFagX0Zg
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 19:34:36	Name: MUID Value: 14FAD1C0C66E63BD3E1EC30FC7BC620B
.c.clarity.ms/	1970-01-20 10:23:04	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 10:13:00	Name: ANONCHK Value: 0
domains.squadhelp.com/	1970-01-20 18:58:36	Name: sa-user-id Value: s%253A0-f52f54bd-b70e-51b0-4c77-bac463eeb702.uwm8pZRyy%252Fp2hj4i%252FH%252BmQGSM1gISZoE72sajxSUEtZU
domains.squadhelp.com/	1970-01-20 18:58:36	Name: sa-user-id-v2 Value: s%253A9S9UvbcOUbBMd7rEY-63ArnVm64.TDWqdaUnq3DEmXGZLi5qkX9sihy%252FUfxk%252FRM%252FFagX0Zg
.www.linkedin.com/	1970-01-20 18:58:36	Name: bscookie Value: "v=1&202303091643075d6567c3-8e43-4f16-8cc5-f787e610beafAQF0AhnPf1miVP4MFxldeTYEU1IA5Lnc"
.linkedin.com/	1970-01-20 14:32:12	Name: li_gc Value: MTswOzE2NzgzODAxODc7MjswMjEk06yYYN83BQtOjcQOb/OVuO5t/vNMh4Gd7cMulYdOtA==
.squadhelp.com/	1970-01-20 16:41:50	Name: intercom-id-ld9mkn53 Value: 7d231a49-ee49-4202-aa4a-accba9ce4089
.squadhelp.com/	1970-01-20 10:23:04	Name: intercom-session-ld9mkn53 Value:
.squadhelp.com/	1970-01-20 16:41:50	Name: intercom-device-id-ld9mkn53 Value: 41dedb11-e705-473f-b644-43a7b69c00e8
.squadhelp.com/	1970-01-20 10:14:26	Name: _clsk Value: 19rz3md\|1678380188040\|1\|1\|t.clarity.ms/collect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.acsbapp.com/cache/app/domains.squadhelp.com/config.json Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
alb.reddit.com
amplify.outbrain.com
analytics.twitter.com
api-iam.intercom.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.acsbapp.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.taboola.com
connect.facebook.net
domains.squadhelp.com
googleads.g.doubleclick.net
js.intercomcdn.com
monitor.fraudblocker.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
rusticmoves.com
script.fixel.ai
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.clarity.ms
t.co
tags.srv.stackadapt.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
widget.intercom.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.squadhelp.com
script.fixel.ai
104.244.42.197
104.244.42.3
13.107.43.14
13.224.189.18
141.226.228.48
142.250.186.130
151.101.129.44
151.101.193.140
18.66.147.3
199.232.16.157
20.114.189.70
2001:4860:4802:32::36
23.35.237.86
2600:9000:20eb:f000:2:53b2:240:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:3260
2606:4700:10::6816:3360
2606:4700:10::6816:cc
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::9d
2a00:1450:400d:80a::2004
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:600::396
34.202.126.200
34.96.65.117
52.20.84.62
54.160.56.92
54.209.227.7
68.219.88.97
70.42.32.223
054cd26d8bcd68cade0b1c935c78e7a7ee3696d4bc09a6bdcf544c1ac8c2e439
0732113f36c7a30a424b949ce29d6143e0ced5980fe5bac47d2914fd4f552716
0871f072c8428d3c0dae7ae1eae77c4f5681c0f2a4b08b4c9771aedeba585650
0b6f86d569ea4a17b522d2d0abf784872bcb7bd2e512c7a34bdc3a2f77fd946b
0d96b8a782ac1daa4e1ef33948329260dad685cc3a74a0f95f20089a3405f4e4
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
1a39ef7e82d7af03e1568f73655adba55f74ed0e5a338ad33c63728d60aa7328
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
21e258a2abf78eac98e3dc1f2f18c14e67c7ab844afa96fd0040dbbbd6a9cf80
24ec5ace91e3c6656624387a2087660e7faaa97b000177eff1d476ae1db389af
25912b035c9e5fbc2c818fce86d0716be27d945760f9a7b3061cde5790b978bc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a2db8b1921189735d6b493e040f2e263984855676c03c87fbe708a228a9af47
35a7a1628253a2e8efdcd2cb9768737381c018594c6f1fcb4c12b74d1032ca68
363bbda5525787b0caefb6568005cdfcc80739ff0f9397b68145d9e8146b527c
391363ce4353eae77e1c05b24f2cda3816bdfe7d97ecc8633c19a03d18744506
3c4aacb974ed3d0a3d1f57bebc8d97897ce027b0751a5f0da9ee697a825c2f1a
43907df7d7276ce8a967a205ef56d407d83e9094c00e5db83ece96c926eb565c
46b72bf568944d06058c840832352c9880eabae7f5a5d4bbf5efbf7b09dcf1fe
46c3a9dd12310f604a7003f51fc8b81509f63bfda367f1d537854f0120ba30bc
471af240c3e8a69e33f689cf38d9d672d0b27fc5e52b19eb570a127fcc82ff7b
47c45e88cf077d9f81fbf85bc409e22eaea1604e12b33ecd1ee3a1af47bd45a1
47e948f583a486bc3654c9891f730ed5c0751e4e8d124126ea73cd45ce381794
5473dcf31b90e7f4ea0727a87b517daba1ff389f8eb8e9801bfb08d88d89db9b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f5f1d5b0e18e5c0697dac6a16803eb3b7aa806e45866000a4edb8a60c1623b3
65d6fc76a8f26596cce60b33939093689c23e38cdc324343e82b3e7951ea84a1
6641b0c36210a7a28d20960126753dc55b6f051552319ecce1727886c759d6d3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74c1f64d6437b89f66b0ac66618c82fda17d94fc0088493c571dcab9d77ec1ef
7a23893bbd5add32b801d269ddfb3803b702c5ef532988efde246a35f81e67d0
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
910d2a0a15f6454909576c3cb3f955f43eae8ed9dfc081bc89f2319d566923b6
929ab777caaabb49d8b072ca199db92a21601bf5b4dbe2262dc17a53fa256bbf
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a299adbb6b641153f1fe6d209f1b94549fdf42eca9b64d7c5d2ab1134ac72437
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
abc04a100d9ffb66432cc6b85574582ac7d4da86d7eba38a699c605fe3086fbe
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6c2f08d044be0747c1cfe64b36a209f7a65158079cd0deadba061210a4f7d8a
bb3c463bab8256779c1746f9e19144e90973b17a336b17fdbd1ec8ec67193a60
bd73ca935c8a9ba2e7e1de39e36259026ae19454bb732e4e390fc95a898ee844
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b
bf742275c5cc3d40e11ba335bf0a853831e1938345561b7a33da63c3dbd11ed1
c9aed4774d9115c7579326d4a6bcd07b17269e8a586a96c275ef2709c479558b
cad620880c542faa71ec7b8906bffe4b83274347ea8faac6afb729734eae5377
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d2afc34dbe70eb80ce4ab32165b34ecb166e4f7d841ff2eccbdb089ffb4646da
d3b21e77de6f67b4a530f42d9aa7c0bb9afea74c2372c22f58a8dfa5f5a05bae
d6ef1e61cbbd1ec228bcdbb740df37aaa36452ab2bb1253d7994d62e5c5e918b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e700bc9014957458568345693ab3b56be79627500d7f29ff288bd049bc2a6cf0
e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb
eada74cf2ae7135442fe81d3be183445f0cda85cdb7a26883327079337811afa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fbe5e545c180165bd178ee77ece3a4d1d8e7a42d80201d7394fafdb8fcc203a1

domains.squadhelp.com Open in urlscan Pro 2606:4700:10::6816:3260 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

96 %HTTPS

51 %IPv6

30 Domains

43 Subdomains

38 IPs

6 Countries

1295 kBTransfer

3999 kBSize

43 Cookies

21 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

domains.squadhelp.com Open in urlscan Pro
2606:4700:10::6816:3260 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

96 %
HTTPS

51 %
IPv6

30
Domains

43
Subdomains

38
IPs

6
Countries

1295 kB
Transfer

3999 kB
Size

43
Cookies

96 HTTP transactions
0 data transactions