Report - www.novusoffice.com/resources/affiliate_resources/novus_pdf

Report Overview

Submitted URL
www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
IP
161.35.6.5
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-07 09:39:43
Access
public
Website Title
novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Final URL
www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	884 B	177 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.6 kB	93 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	898 B	4.1 kB	142.250.74.138
www.novusoffice.com	unknown	unknown	No data	No data	2.9 kB	315 kB	161.35.6.5
use.typekit.net	494	2010-08-02	2012-07-05	2024-05-05	3.1 kB	171 kB	23.33.119.67
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	1.8 kB	63 kB	104.17.24.14
static-na.payments-amazon.com	13084	2006-01-25	2012-12-05	2024-04-12	419 B	50 kB	54.230.111.51
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-06	443 B	3.6 kB	104.18.187.31
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-06	882 B	64 kB	142.250.74.106
dna.us.com	unknown	2020-03-18	2020-03-18	2023-11-24	856 B	5.5 kB	161.35.6.5
images.salsify.com	68937	2004-02-14	2015-06-02	2024-04-23	16 kB	472 kB	151.101.66.97
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-06	338 B	863 B	143.204.53.97
alive5.com	104903	2007-10-25	2017-09-01	2024-02-16	5.0 kB	243 kB	143.204.55.57
api-v2.alive5.com	118933	2007-10-25	2018-12-25	2024-02-21	2.5 kB	17 kB	44.207.182.14
files.alive5.com	unknown	2007-10-25	2023-04-13	2024-02-16	1.4 kB	21 kB	143.204.55.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	alive5.com/js/chat.bundle.js?s=1714391500828	Code and strings of plugins from the Tetris framework loaded by Swid

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	183 B	2024-05-07	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 11:39:51 Last Seen2024-05-07 11:39:51 Times Seen1 Hash 80f99011191a3720dd85cb5ae93d1647 6f5e133909e0fe0f5c0911f9d58f76a6e8ffa91d eaef5fc402a92cef91dc91762c9638d7aafe5ed50c23b93fa02e7515b0daffa8 Loading...

	static-na.payments-amazon.com/checkout.js	176 kB	2024-05-07	2024-05-07
Pretty URL static-na.payments-amazon.com/checkout.js IP 54.230.111.51 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 11:39:51 Last Seen2024-05-07 11:39:51 Times Seen1 Hash bfb214131f1f32bf3684a5fff83e1411 b31168d64fac7c8ea2f38023676523c7161b26ac 33ddce40d40008b412e7297d0b23c190fc9b0bc0fdd675c00fd07bd3df220bcb Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 18:38:29 Times Seen350254 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	102 B	2024-01-27	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-27 20:40:12 Last Seen2024-05-07 11:39:51 Times Seen2 Hash f248eb9eac011027859b44063a17d0cf 5e509a60bb9e4588a77c05d0a9bef2e8d7539ef3 1a89fdd2341bd0e745603aa73c234391132543656a221366d28ee31b721a1ad1 Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/js/swiper.min.js	141 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/js/swiper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:40 Last Seen2024-05-19 15:42:12 Times Seen1484 Hash 10ad6473484630a85272174de546fa21 ea40634dc07be2074345cdc14f6844d3cf3f02bd 36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029 Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	173 B	2024-01-27	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-27 20:40:12 Last Seen2024-05-07 11:39:51 Times Seen2 Hash 83d887a985e5fc999c5843aa61abadf7 7cf08018b23df2066349195570cae6fdf42c263f 8318c9035831c81ebca725a8bdf0187b09afc0cfb2921d395d4a8be34d140eee Loading...

	alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696\|844aac39-4428-a185-0fb4-116ee60fa948	0 B	2023-03-07	2024-05-19
Pretty URL alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696\|844aac39-4428-a185-0fb4-116ee60fa948 IP 143.204.55.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 18:39:02 Times Seen37837686 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	225 B	2024-01-27	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-27 20:40:12 Last Seen2024-05-07 11:39:51 Times Seen2 Hash 7161948a3a907c5ac1843b8675fd267f fa5fcc02657db758f41ebb02567f07b73ca43e95 bf733b94caa793cb8fb5ba8bbebfd7e36cee650e49bf218cd24bbd7d3b9f57dc Loading...

	cdn.jsdelivr.net/npm/vanilla-lazyload@15.1.1/dist/lazyload.min.js	6.7 kB	2023-03-09	2024-05-11
Pretty URL cdn.jsdelivr.net/npm/vanilla-lazyload@15.1.1/dist/lazyload.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:34:00 Last Seen2024-05-11 13:25:29 Times Seen22 Hash 9d2806bc5aa77ff9138eb16ca959ff08 9fe949fc092e6c0cea218be600ce01719f3509f0 1e68157939d8e3c4d14e6410e3a20969c5af3b043a9b0dbedcc183bfa62d9471 Loading...

	alive5.com/js/widget-min.js?s=1714391500828	40 kB	2024-04-23	2024-05-16
Pretty URL alive5.com/js/widget-min.js?s=1714391500828 IP 143.204.55.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 19:43:52 Last Seen2024-05-16 17:07:46 Times Seen32 Hash 6e38ab4423c1bac005cbf01eef8d1d81 02fd42ceb4fa8f9781a0994d2e5dbb0a6c30b84d 70db97d6ffdc2c4381c6dde092ca0d0cce838619b2eaa6108cd2bd7dd0b1ff54 Loading...

	unknown	16 B	2023-04-10	2024-05-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-05-19 18:02:25 Times Seen35645 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js	106 kB	2023-03-07	2024-05-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:14 Last Seen2024-05-16 17:07:47 Times Seen325 Hash 3404d8a746a4fec43de281d6b9fd501b 7cd55e0b6add2373011f04d3bba6044953caeac7 b6b7fc20b7e5eabb078b5f8f8076e46595e446522eacf29e8096151e7c65ac79 Loading...

	cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js	25 kB	2023-03-07	2024-05-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:14 Last Seen2024-05-16 17:07:47 Times Seen267 Hash 8558645e9f6dcb3447956ca9dac08ed1 2dbdfcd83ad5e87d7237f163c503e761e609fd10 23aa985ae2ae9ccb19a2ca39be4279fd544074e2dd51a69e61ae76adc40c2e81 Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	396 B	2024-01-27	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-27 20:40:12 Last Seen2024-05-07 11:39:51 Times Seen2 Hash dcedc120e8785938b6068500831d4341 7a8ac0ebcadbe1d8c4afcc848a9d33c35acb8441 665b1cb731e3fc13a8bb3e1a310d712f3eed6e44a17786eaddc035a34703c88c Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-19 17:59:45 Times Seen145603 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	9.2 kB	2024-01-27	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-27 20:40:13 Last Seen2024-05-07 11:39:51 Times Seen2 Hash 238ae592992b650c78d8c9c99b8dc165 beb59845be093d8645e68e9a44b9c73cdfabab99 7ad5d2c99d27d1759c8bbeb0bac33599d66739e249e113779a7403b9ca371429 Loading...

	www.novusoffice.com/resources/affiliate_resources/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL www.novusoffice.com/resources/affiliate_resources/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 18:38:30 Times Seen350770 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	14 kB	2024-01-27	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-27 20:40:13 Last Seen2024-05-07 11:39:51 Times Seen2 Hash 6fc9201da521695470ce9654d6639cdb dd36fe4453bf2f65a0025827a82f4a0d55b40e1d 19827a86b9a9c1c77fb75cd35ff9ac8ea4c8d838a1b280c9bac26d813842d105 Loading...

	www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe	5.4 kB	2023-11-17	2024-05-07
Pretty URL www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe IP 161.35.6.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 09:44:57 Last Seen2024-05-07 11:39:51 Times Seen3 Hash 1c89a6f724918e7a61569a72757f2c44 f2e91c715f7ffbc7ccbebb34d391e427535d86af 3904bdcdd33028a8bd42783e65baa6cda4196032eb6bcc82cc60f7a9839ccada Loading...

	alive5.com/js/a5app.js	9.7 kB	2024-04-30	2024-05-16
Pretty URL alive5.com/js/a5app.js IP 143.204.55.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 20:27:25 Last Seen2024-05-16 17:07:46 Times Seen28 Hash 3e71046bab2cb609d34097b49ca126d6 b3ea97676e6ade88a7bfadb4f8efd1f84a7f2e66 76ea3e695c61b2357e65ff67eeefb1f1f860746a7b39fb6ca288847efd138cad Loading...

	alive5.com/js/chat.bundle.js?s=1714391500828	610 kB	2024-04-30	2024-05-16
Pretty URL alive5.com/js/chat.bundle.js?s=1714391500828 IP 143.204.55.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 20:27:25 Last Seen2024-05-16 17:07:45 Times Seen14 Hash f0f260b2f5411f0f886fddc1b25fc9e3 3e38cd4eb3a95addc7cb346eac1a1e20720a5e0f 1cca1465d1c3ce680a2e9761228260c8c5baa7db87d26e0332d602bd0dd968f0 Loading...

	www.googletagmanager.com/gtag/js?id=G-2GKGF1TJ21&l=dataLayer&cx=c	312 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-2GKGF1TJ21&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 11:39:51 Last Seen2024-05-07 11:39:52 Times Seen2 Hash ac6f51ee0316747fe1febe4ac5986afc 15c0d7d9b8e39d1ac6b990d6a14051bf9e7b537c c356c45ff4d30e7c16303ccae8119f64c2067535c7669eaec4cf0a50887e78b6 Loading...

	www.googletagmanager.com/gtag/js?id=UA-65993022-1	198 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-65993022-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 11:39:51 Last Seen2024-05-07 11:39:52 Times Seen2 Hash 8fc7fcfb50d4146920f25c6e3a4e45be 2d7fdba472dafc0ee3df6eb1f8d19ffa1db19c04 91021c6c595650eab5ea7b0faf5a45de4b03c1a393c0b438f8050570cb43d032 Loading...

HTTP Transactions (76)

URL IP Response Size

www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe

161.35.6.5

301 Moved Permanently

367 B

URL User Request GET HTTP/1.1
www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
IP
161.35.6.5:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text
Size
367 B (367 bytes)
Hash
d6361bdb53982d5c339e757cba8f869c
1d9d6b8277ec276b98eeab8d6f0e2bcfbe30efbb
897ce429e9598bdfca1bf146839203b0371322ed5b9956eb4758a22864b566f3

HTTP Headers

GET /resources/affiliate_resources/novus_pdf_en.exe HTTP/1.1
Host: www.novusoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=srlnrutfqrhgkh9qq97f2ldduj
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 07 May 2024 09:39:17 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Content-Length: 367
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe

161.35.6.5

301 Moved Permanently

154 kB

URL User Request GET HTTP/1.1
www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
IP
161.35.6.5:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1077)
Size
154 kB (154356 bytes)
Hash
2609cca26c8ee0e1b245171629e5d6a5
56a66fe70570e69bdf7cb38b65a1a4570f0282b4
e16aba91bb8dfff25c804eeec905440989568515b86c587895be643b6323d06f

HTTP Headers

GET /resources/affiliate_resources/novus_pdf_en.exe HTTP/1.1
Host: www.novusoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 09:39:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: PHPSESSID=srlnrutfqrhgkh9qq97f2ldduj; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe

161.35.6.5

301 Moved Permanently

154 kB

URL User Request GET HTTP/1.1
www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
IP
161.35.6.5:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1077)
Size
154 kB (154356 bytes)
Hash
2609cca26c8ee0e1b245171629e5d6a5
56a66fe70570e69bdf7cb38b65a1a4570f0282b4
e16aba91bb8dfff25c804eeec905440989568515b86c587895be643b6323d06f

HTTP Headers

GET /resources/affiliate_resources/novus_pdf_en.exe HTTP/1.1
Host: www.novusoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=srlnrutfqrhgkh9qq97f2ldduj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 09:39:17 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

images.salsify.com/image/upload/s--5lOhHX-F--/w_125,q_100,cs_srgb/k7mczulqpz57masl74un.jpg

151.101.66.97

200 OK

18 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--5lOhHX-F--/w_125,q_100,cs_srgb/k7mczulqpz57masl74un.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
18 kB (17611 bytes)
Hash
32be492dfead032520544b66a2956d26
c50791bfc9272c72dc74b9d2640785c8e50c237f
70652984fed8245c297573f244e0e894671048f6fa57ce9cc88fbdc65cc80484

HTTP Headers

GET /image/upload/s--5lOhHX-F--/w_125,q_100,cs_srgb/k7mczulqpz57masl74un.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
etag: "32be492dfead032520544b66a2956d26"
last-modified: Thu, 26 May 2022 17:44:03 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.259Z;desc=hit,rtt;dur=15,content-info;desc="width=125,height=145,owidth=250,oheight=290,obytes=57491"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 17611
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--CEENUmss--/w_125,q_100,cs_srgb/nljsbvr60mpmshdli77z.jpg

151.101.66.97

200 OK

19 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--CEENUmss--/w_125,q_100,cs_srgb/nljsbvr60mpmshdli77z.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
19 kB (18675 bytes)
Hash
aaab3e80a5ff5c1c3f02d04b3d504cee
88c0509f210be4154f088c29c00bb08d8f9be084
7cb3c746900be22404945aa573f0600e8357a562dce7cbba05b9ee8e2cc36414

HTTP Headers

GET /image/upload/s--CEENUmss--/w_125,q_100,cs_srgb/nljsbvr60mpmshdli77z.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "aaab3e80a5ff5c1c3f02d04b3d504cee"
last-modified: Wed, 24 Jun 2020 18:35:32 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.260Z;desc=hit,rtt;dur=15
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 18675
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--6Az35qSs--/w_125,q_100,cs_srgb/cpsfewig5cihokuixom7.jpg

151.101.66.97

200 OK

20 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--6Az35qSs--/w_125,q_100,cs_srgb/cpsfewig5cihokuixom7.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
20 kB (19756 bytes)
Hash
5439bd24a1e4fbddbdb4e02030bbf2b8
591fe105ed7494f6c9a0ef677c51b348af0d4373
fbede47d1cc2ab0dfbbf1b265399d2ead77017ca77c2563e01130e25fdaf6014

HTTP Headers

GET /image/upload/s--6Az35qSs--/w_125,q_100,cs_srgb/cpsfewig5cihokuixom7.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "5439bd24a1e4fbddbdb4e02030bbf2b8"
last-modified: Mon, 15 Jun 2020 21:51:21 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;start=2024-05-07T09:39:18.260Z;desc=hit,rtt;dur=15
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 19756
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--aJV1MCW7--/w_125,q_100,cs_srgb/p6ynhuj2uzvav4ibkdrk.png

151.101.66.97

200 OK

4.8 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--aJV1MCW7--/w_125,q_100,cs_srgb/p6ynhuj2uzvav4ibkdrk.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 125 x 26, 8-bit colormap, non-interlaced
Size
4.8 kB (4814 bytes)
Hash
71ec419cb3e317417ea9fde441f40454
2a1db8baf8f8c3995ad8da5f854757ecfe38bdd4
efe5ec07321b533014781a4600eeda1c110cf3e5ef3d90a3db0005d4a9c3850e

HTTP Headers

GET /image/upload/s--aJV1MCW7--/w_125,q_100,cs_srgb/p6ynhuj2uzvav4ibkdrk.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "71ec419cb3e317417ea9fde441f40454"
last-modified: Mon, 15 Jun 2020 21:31:47 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.265Z;desc=hit,rtt;dur=15
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 4814
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--xLh1bQ4X--/w_90,q_90,cs_srgb/ysd83mfswjzcwkqcwoqd.png

151.101.66.97

200 OK

4.8 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--xLh1bQ4X--/w_90,q_90,cs_srgb/ysd83mfswjzcwkqcwoqd.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 90 x 28, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4812 bytes)
Hash
2580a93de0d5f6bc654b8bea21242b86
6dc50c73f6c075ec88b0699f9a9113b6e1ca7fc4
c319e8441ec75ea31a4a75f8d0dc2808e4400441e9f488e434ad11a2fa73a6b0

HTTP Headers

GET /image/upload/s--xLh1bQ4X--/w_90,q_90,cs_srgb/ysd83mfswjzcwkqcwoqd.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "2580a93de0d5f6bc654b8bea21242b86"
last-modified: Mon, 15 Jun 2020 21:37:39 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.265Z;desc=hit,rtt;dur=15
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 4812
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--_xABx8i0--/w_125,q_100,cs_srgb/tic0ppxpjpocaboelrg2.jpg

151.101.66.97

200 OK

28 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--_xABx8i0--/w_125,q_100,cs_srgb/tic0ppxpjpocaboelrg2.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
28 kB (27714 bytes)
Hash
ad360fc7623226882c3e0ff599fcafbc
6d0c655100310c2d080b9548b3063b7cdea2969d
b8b1336b7a9b71801e9dc81a9833d797005b8d46808c764c1ec2363a0bae131f

HTTP Headers

GET /image/upload/s--_xABx8i0--/w_125,q_100,cs_srgb/tic0ppxpjpocaboelrg2.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "ad360fc7623226882c3e0ff599fcafbc"
last-modified: Wed, 24 Jun 2020 18:35:38 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.265Z;desc=hit,rtt;dur=15
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 27714
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--80A4dQSQ--/w_125,q_100,cs_srgb/yhekk5jwxbglwqw5bcgo.jpg

151.101.66.97

200 OK

30 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--80A4dQSQ--/w_125,q_100,cs_srgb/yhekk5jwxbglwqw5bcgo.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
30 kB (29809 bytes)
Hash
780af45ca16cb5a64c0f34ef190d2830
d0ce19f5896990174f85954fd59e4ba819a4865b
2b92bce04b3c81290670f3f8d6091ea4958f1b326dc45de1d89f9280c1acd8b8

HTTP Headers

GET /image/upload/s--80A4dQSQ--/w_125,q_100,cs_srgb/yhekk5jwxbglwqw5bcgo.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "780af45ca16cb5a64c0f34ef190d2830"
last-modified: Wed, 24 Jun 2020 18:35:38 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.265Z;desc=hit,rtt;dur=15
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 29809
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--ePspRDfu--/w_125,q_100,cs_srgb/xwkaj0fek2pude7oxgo3.jpg

151.101.66.97

200 OK

22 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--ePspRDfu--/w_125,q_100,cs_srgb/xwkaj0fek2pude7oxgo3.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
22 kB (21887 bytes)
Hash
e374fcd6b6ad7408e7292ef071842a9d
ecf9361ad600bb7d5d624854e7e4254bd0d5a95a
bb17280b2169fe316ec56a610e470be358031908776fa2f082192df775f3682f

HTTP Headers

GET /image/upload/s--ePspRDfu--/w_125,q_100,cs_srgb/xwkaj0fek2pude7oxgo3.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "e374fcd6b6ad7408e7292ef071842a9d"
last-modified: Wed, 24 Feb 2021 16:43:35 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=1;cpu=0;start=2024-05-07T09:39:18.266Z;desc=hit,rtt;dur=15,content-info;desc="width=125,height=145"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 21887
X-Firefox-Spdy: h2

use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.33.119.67

200 OK

34 kB

URL GET HTTP/2
use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 33576, version 1.0
Size
34 kB (33576 bytes)
Hash
9b1cfac0a81d0982bae9566225f121aa
965f65de6b749f6661fe059c719b65b7ee9315bb
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

HTTP Headers

GET /af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 33576
etag: "79fea02668402fc378c129193093131a2db2577c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 07 May 2024 09:39:18 GMT
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--mIBtGQmn--/w_32/wwz37f2g2b4er0j8gyjv.png

151.101.66.97

200 OK

212 B

URL GET HTTP/2
images.salsify.com/image/upload/s--mIBtGQmn--/w_32/wwz37f2g2b4er0j8gyjv.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 32 x 24, 4-bit colormap, non-interlaced
Size
212 B (212 bytes)
Hash
74cd114a97d579c10dc8ff2989ea8040
3226075437f9b92ab87087ace1d3ad6087111012
d358b6ae2dd93f2ca55ff4706f41db5ea57a8abce78a03b26ce321171a299a44

HTTP Headers

GET /image/upload/s--mIBtGQmn--/w_32/wwz37f2g2b4er0j8gyjv.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "74cd114a97d579c10dc8ff2989ea8040"
last-modified: Wed, 15 Apr 2020 17:52:33 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.313Z;desc=hit,rtt;dur=14
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 212
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--_WZJ-KWV--/w_125,q_100,cs_srgb/p6mmn892hadgv4tonlz0.jpg

151.101.66.97

200 OK

18 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--_WZJ-KWV--/w_125,q_100,cs_srgb/p6mmn892hadgv4tonlz0.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 305x305, segment length 16, baseline, precision 8, 125x145, components 3
Size
18 kB (17979 bytes)
Hash
98f9f55d87cae300327f6f94ac75df96
cc61a278dba4167bc08f069e1960bb0a9f632179
9077dab2389c84d78cd008275586f526ad385abd4a4c78db08c3df4e7ad70e9f

HTTP Headers

GET /image/upload/s--_WZJ-KWV--/w_125,q_100,cs_srgb/p6mmn892hadgv4tonlz0.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
etag: "98f9f55d87cae300327f6f94ac75df96"
last-modified: Mon, 15 Jun 2020 23:36:58 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.313Z;desc=hit,rtt;dur=14
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 17979
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--7l1vFCd1--/w_125,q_100,cs_srgb/zjygequwztxmowjgitun.jpg

151.101.66.97

200 OK

21 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--7l1vFCd1--/w_125,q_100,cs_srgb/zjygequwztxmowjgitun.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
21 kB (20600 bytes)
Hash
805f25f04c85571d935470ea138d89dc
4713982c1d74de7ff2ed6283deca5edf6ed5882a
add3bad6ca2147258f49dd05b0b5df0ffd55170e2f5bed15ab924f8efa8d7c81

HTTP Headers

GET /image/upload/s--7l1vFCd1--/w_125,q_100,cs_srgb/zjygequwztxmowjgitun.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
etag: "805f25f04c85571d935470ea138d89dc"
last-modified: Mon, 15 Jun 2020 21:48:21 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.314Z;desc=hit,rtt;dur=14
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 20600
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--hnhKFdTE--/w_125,q_100,cs_srgb/slba5m7ph68d1ft2kzx6.jpg

151.101.66.97

200 OK

19 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--hnhKFdTE--/w_125,q_100,cs_srgb/slba5m7ph68d1ft2kzx6.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
19 kB (19024 bytes)
Hash
d776c9e6259934e98f9978fb6378298b
51b99f1cfd7884d8ae84309cc6cdb701c20c0856
5c65193d19488a8f1809d09ee24b0bcf41fe0e8fe43fb2f9be36499cf2085210

HTTP Headers

GET /image/upload/s--hnhKFdTE--/w_125,q_100,cs_srgb/slba5m7ph68d1ft2kzx6.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
etag: "d776c9e6259934e98f9978fb6378298b"
last-modified: Mon, 15 Jun 2020 21:50:27 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.314Z;desc=hit,rtt;dur=14
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 19024
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/js/swiper.min.js

104.17.24.14

200 OK

31 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/js/swiper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65284)
Size
31 kB (31065 bytes)
Hash
10ad6473484630a85272174de546fa21
ea40634dc07be2074345cdc14f6844d3cf3f02bd
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029

HTTP Headers

GET /ajax/libs/Swiper/5.4.5/js/swiper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 09:39:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 31065
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ee8d6b2-22681"
last-modified: Tue, 16 Jun 2020 14:26:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 572424
expires: Sun, 27 Apr 2025 09:39:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZZYL4wNuNR4W5W3Qa11GLE3Rlk7QTp9jxKZ64WlOZz2Hmx4azX%2BGWEdLM65rV94WVNl6XRofTAlwZKpADiXiZlgOjbKM1pG%2BKNftZzui9ShJ3Dg9yPl%2BS51txIP9SNMF7Vxh9qH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88003df77a4a56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static-na.payments-amazon.com/checkout.js

54.230.111.51

200 OK

49 kB

URL GET HTTP/2
static-na.payments-amazon.com/checkout.js
IP
54.230.111.51:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subjectstatic-na.payments-amazon.com
FingerprintC6:75:7B:66:1C:EF:52:73:19:B5:24:FC:97:50:13:B1:61:10:59:A5
ValidityMon, 22 Apr 2024 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
49 kB (49219 bytes)
Hash
e05e91d2585aa087aa9b413e5e1beb75
6dcc897fb63422758da1226dc43d7a8eef3928ff
c307ccaa29d489cef1ea11da8281e647ff9070578b29608af879fa0543d7a09d

HTTP Headers

GET /checkout.js HTTP/1.1
Host: static-na.payments-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 May 2024 06:19:53 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: bcS9gwyDpHLWals1aaVBm1.HbuYSnHXi
server: AmazonS3
content-encoding: gzip
date: Tue, 07 May 2024 09:29:17 GMT
cache-control: max-age=1200,public
etag: W/"bfb214131f1f32bf3684a5fff83e1411"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r66-ywcS7yEE_IhyGV9VtdsS-MIHEJvfmLqNwen_Ej7YRceEo5fCWA==
age: 617
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/5.3.7/css/swiper.min.css

104.17.24.14

200 OK

3.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/5.3.7/css/swiper.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13411)
Size
3.6 kB (3568 bytes)
Hash
0a138470ffa7dda1936e691fbef24222
0352389773c0101fcbba5a15d2c57999d13c66d8
a5b11cbc4a16ce02e18d18a9ee1009b115c9bb49cad4783200e49dd7c6bc07cb

HTTP Headers

GET /ajax/libs/Swiper/5.3.7/css/swiper.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 09:39:18 GMT
content-type: text/css; charset=utf-8
content-length: 3568
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf2-3560"
last-modified: Mon, 04 May 2020 16:04:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 574050
expires: Sun, 27 Apr 2025 09:39:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMS9kiMqV5rqV0gXxa4IhJjtCGBifG3EeNXjTl9OG3VykswzrwjMucn9ajbu6UrualftD2RB62Ws4nlPkONeXqFJMRa%2BsqR16wCVGEPULLzOGPdvjT6w%2FlKzkVcwd7zb4cm5iwxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88003df77a4c56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/vanilla-lazyload@15.1.1/dist/lazyload.min.js

104.18.187.31

200 OK

2.5 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/vanilla-lazyload@15.1.1/dist/lazyload.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6674), with CRLF line terminators
Size
2.5 kB (2468 bytes)
Hash
9d2806bc5aa77ff9138eb16ca959ff08
9fe949fc092e6c0cea218be600ce01719f3509f0
1e68157939d8e3c4d14e6410e3a20969c5af3b043a9b0dbedcc183bfa62d9471

HTTP Headers

GET /npm/vanilla-lazyload@15.1.1/dist/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 09:39:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2468
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 15.1.1
x-jsd-version-type: version
etag: W/"1a14-n+lJ/AkubAzqIYvmAM4BcZ81CfA"
content-encoding: br
x-served-by: cache-fra-eddf8230084-FRA, cache-lga21983-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 72292
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcTDMMPwLEA2nkY%2BN7sznlz1AQKQLLvO0rwDG2%2F8peIdRLZrmrGuenFdRqsp9wmsC8Er7hXSuHAG55PkVlBrYZT7cHcIpEiW%2BEZZruGRRBoLNPv2ldAOThVkosNZXACvUpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88003df77a130b02-OSL
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--9nC-qErK--/w_125,q_100,cs_srgb/oqfrxkpwdehqacvgcast.jpg

151.101.66.97

200 OK

20 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--9nC-qErK--/w_125,q_100,cs_srgb/oqfrxkpwdehqacvgcast.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 125x145, components 3
Size
20 kB (20372 bytes)
Hash
79a015a25e6e15f08b8dc5ffb81c3ecd
18838a2084a05c9b0672cb6adabb2ec881d6141b
42e1cf5d9767c1fc492e53280e4b0a20180c0354a475989a713dbbb52da9c17a

HTTP Headers

GET /image/upload/s--9nC-qErK--/w_125,q_100,cs_srgb/oqfrxkpwdehqacvgcast.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "79a015a25e6e15f08b8dc5ffb81c3ecd"
last-modified: Wed, 12 Aug 2020 21:50:13 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=158;cpu=0;start=2024-05-07T09:39:18.261Z;desc=miss,rtt;dur=15,cloudinary;dur=39;start=2024-05-07T09:39:18.322Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 20372
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--k0knBNNk--/w_125,q_100,cs_srgb/epeo2nzlhrilhfgf3mn3.jpg

151.101.66.97

200 OK

33 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--k0knBNNk--/w_125,q_100,cs_srgb/epeo2nzlhrilhfgf3mn3.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
33 kB (33328 bytes)
Hash
ab2d1a5d80eb0bc64b20a39f78e74d6b
7ec7df05cc39ac3dbc3082e7e39f860529762083
924487112ec5750b3b4c88e7fc948e4be94b28d7438319fa28090fc225ae8280

HTTP Headers

GET /image/upload/s--k0knBNNk--/w_125,q_100,cs_srgb/epeo2nzlhrilhfgf3mn3.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "ab2d1a5d80eb0bc64b20a39f78e74d6b"
last-modified: Mon, 15 Jun 2020 21:53:54 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=167;cpu=0;start=2024-05-07T09:39:18.261Z;desc=miss,rtt;dur=15,cloudinary;dur=48;start=2024-05-07T09:39:18.321Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 33328
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--vC2bzEEm--/w_125,q_100,cs_srgb/xrsk8yqlojfn6nljpevl.jpg

151.101.66.97

200 OK

22 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--vC2bzEEm--/w_125,q_100,cs_srgb/xrsk8yqlojfn6nljpevl.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 125x145, components 3
Size
22 kB (21851 bytes)
Hash
61568778ab1443efe48267f3877ca76f
45cbc81e5acbd39ad6939aa7e53670b1c7a6892b
591cce337023ed23240bf6c49d4d14d618f8be0030b5bfb40745e3862e7a6512

HTTP Headers

GET /image/upload/s--vC2bzEEm--/w_125,q_100,cs_srgb/xrsk8yqlojfn6nljpevl.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "61568778ab1443efe48267f3877ca76f"
last-modified: Tue, 21 Sep 2021 14:35:35 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=165;cpu=0;start=2024-05-07T09:39:18.266Z;desc=miss,rtt;dur=15,content-info;desc="width=125,height=145,owidth=250,oheight=290,obytes=42717",cloudinary;dur=46;start=2024-05-07T09:39:18.326Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 21851
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--MzgJjjbs--/w_125,q_100,cs_srgb/jxaftrmdd7mg1yxr3cwh.jpg

151.101.66.97

200 OK

25 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--MzgJjjbs--/w_125,q_100,cs_srgb/jxaftrmdd7mg1yxr3cwh.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
25 kB (24630 bytes)
Hash
2ee55047d7e5471dbc855ab63e98c489
a1ecbf95d1df4fdc7658025481fffb80eb5f45f5
6ae7120e1b1b54cd370a1af1842f5b0798b887888ca64a57b6da3d940023970a

HTTP Headers

GET /image/upload/s--MzgJjjbs--/w_125,q_100,cs_srgb/jxaftrmdd7mg1yxr3cwh.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "2ee55047d7e5471dbc855ab63e98c489"
last-modified: Mon, 15 Jun 2020 21:52:30 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=185;cpu=0;start=2024-05-07T09:39:18.261Z;desc=miss,rtt;dur=15,cloudinary;dur=62;start=2024-05-07T09:39:18.324Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 24630
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--h-6c0djg--/w_125,q_100,cs_srgb/budq0cgy5abeb1g7xzod.jpg

151.101.66.97

200 OK

25 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--h-6c0djg--/w_125,q_100,cs_srgb/budq0cgy5abeb1g7xzod.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
25 kB (24565 bytes)
Hash
2cc0eba4db59ce48b79f5ffc7ceeb67e
c9dc835acba8f3919b1b8cebb9a4e57d18956c83
4909ac52da4a4b573237e1b1f98aae575fca13990e46eaa8fbde26f2e7e4301a

HTTP Headers

GET /image/upload/s--h-6c0djg--/w_125,q_100,cs_srgb/budq0cgy5abeb1g7xzod.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "2cc0eba4db59ce48b79f5ffc7ceeb67e"
last-modified: Thu, 29 Apr 2021 13:26:44 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=185;cpu=0;start=2024-05-07T09:39:18.266Z;desc=miss,rtt;dur=15,content-info;desc="width=125,height=145",cloudinary;dur=63;start=2024-05-07T09:39:18.328Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 24565
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--CzNaOJSN--/w_125,q_100,cs_srgb/vf91r2ok1cxaptu1j0oh.jpg

151.101.66.97

200 OK

21 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--CzNaOJSN--/w_125,q_100,cs_srgb/vf91r2ok1cxaptu1j0oh.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
21 kB (20855 bytes)
Hash
893a017f3a5c96d5b03c77a7aa320a34
19d8e1c42daac506e6b41fda68b7c3bf42145157
249291804ee41fee9044c2909b4cdcf5f7e35356354d5965a62f6def80a366fe

HTTP Headers

GET /image/upload/s--CzNaOJSN--/w_125,q_100,cs_srgb/vf91r2ok1cxaptu1j0oh.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "893a017f3a5c96d5b03c77a7aa320a34"
last-modified: Wed, 12 Aug 2020 21:50:18 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=198;cpu=0;start=2024-05-07T09:39:18.265Z;desc=miss,rtt;dur=15,cloudinary;dur=76;start=2024-05-07T09:39:18.328Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 20855
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--8c3HtA0P--/w_125,q_100,cs_srgb/mwhtkbdnfw78pnc8bwpe.jpg

151.101.66.97

200 OK

22 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--8c3HtA0P--/w_125,q_100,cs_srgb/mwhtkbdnfw78pnc8bwpe.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
22 kB (22181 bytes)
Hash
4b06f98b460cae8fe9cae4ca370f5338
1bfae90a6d99e268454f642b7948df761f804007
498cc82c39c7822ddf738f847bb00575c6c570c3beb601f09cb6f66915851c9e

HTTP Headers

GET /image/upload/s--8c3HtA0P--/w_125,q_100,cs_srgb/mwhtkbdnfw78pnc8bwpe.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "4b06f98b460cae8fe9cae4ca370f5338"
last-modified: Wed, 12 Aug 2020 21:50:13 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=207;cpu=0;start=2024-05-07T09:39:18.260Z;desc=miss,rtt;dur=15,cloudinary;dur=85;start=2024-05-07T09:39:18.322Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 22181
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--dRkeqLJL--/w_125,q_100,cs_srgb/tzxojdvyvjztfalopxnl.jpg

151.101.66.97

200 OK

26 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--dRkeqLJL--/w_125,q_100,cs_srgb/tzxojdvyvjztfalopxnl.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
26 kB (25665 bytes)
Hash
bde0be40758bcb8100648ab8c4401c0d
023c593c40914306ca57b02dfb08709c3fd00f4d
c623ac87425e08e83f5a7925cd56b4b446588f64029faa9c7bbb4576b447e519

HTTP Headers

GET /image/upload/s--dRkeqLJL--/w_125,q_100,cs_srgb/tzxojdvyvjztfalopxnl.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
etag: "bde0be40758bcb8100648ab8c4401c0d"
last-modified: Mon, 15 Jun 2020 21:51:05 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=168;cpu=0;start=2024-05-07T09:39:18.315Z;desc=miss,rtt;dur=14,cloudinary;dur=46;start=2024-05-07T09:39:18.377Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 25665
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--DJtoR1Fn--/w_125,q_100,cs_srgb/jcnqfkspe3ejwl85xfgc.jpg

151.101.66.97

200 OK

28 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--DJtoR1Fn--/w_125,q_100,cs_srgb/jcnqfkspe3ejwl85xfgc.jpg
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 125x145, components 3
Size
28 kB (27897 bytes)
Hash
d9e6afca5df338183a4b7b523ab08128
ca48f4fce9edeb990d4064b9e5edd50f57d5c031
7ca592a0593839ef0f03980ba4873c1dde8f34f04a651efca559ab6eb9247722

HTTP Headers

GET /image/upload/s--DJtoR1Fn--/w_125,q_100,cs_srgb/jcnqfkspe3ejwl85xfgc.jpg HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: "d9e6afca5df338183a4b7b523ab08128"
last-modified: Wed, 12 Aug 2020 21:50:13 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=239;cpu=0;start=2024-05-07T09:39:18.260Z;desc=miss,rtt;dur=15,cloudinary;dur=117;start=2024-05-07T09:39:18.322Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 27897
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--xLh1bQ4X--/w_90,q_100/ysd83mfswjzcwkqcwoqd.png

151.101.66.97

200 OK

2.3 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--xLh1bQ4X--/w_90,q_100/ysd83mfswjzcwkqcwoqd.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 90 x 28, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2262 bytes)
Hash
de417ed81a09a34ff1f3f2792ccc4127
e0b655b6f3864c99ac06e0bff9fe5197c2056ad7
368edcc728995d8b5daf70ffbea5b3eab899470cfe1474e61e1e843f26642c14

HTTP Headers

GET /image/upload/s--xLh1bQ4X--/w_90,q_100/ysd83mfswjzcwkqcwoqd.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
etag: "de417ed81a09a34ff1f3f2792ccc4127"
last-modified: Mon, 23 Nov 2020 20:05:02 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=192;cpu=0;start=2024-05-07T09:39:18.314Z;desc=miss,rtt;dur=14,content-info;desc="width=90,height=28",cloudinary;dur=71;start=2024-05-07T09:39:18.376Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 2262
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-65993022-1

142.250.74.168

200 OK

72 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-65993022-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
72 kB (71730 bytes)
Hash
8fc7fcfb50d4146920f25c6e3a4e45be
2d7fdba472dafc0ee3df6eb1f8d19ffa1db19c04
91021c6c595650eab5ea7b0faf5a45de4b03c1a393c0b438f8050570cb43d032

HTTP Headers

GET /gtag/js?id=UA-65993022-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 09:39:18 GMT
expires: Tue, 07 May 2024 09:39:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:27:35 GMT
expires: Sat, 03 May 2025 02:27:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 371504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--4mwGitpc--/w_40,q_50,cs_srgb/hjgi54fxx7k7271sbj36.png

151.101.66.97

200 OK

3.5 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--4mwGitpc--/w_40,q_50,cs_srgb/hjgi54fxx7k7271sbj36.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 40 x 40, 8-bit colormap, non-interlaced
Size
3.5 kB (3490 bytes)
Hash
1877d9e174dc1fc23cf019f0070e30b9
3a9b988fa1e265e42325b5959cf35c730b206496
6fef7143b3000c55db74c4440c0f60a2fa78262b073134ec31dc34e01af8e663

HTTP Headers

GET /image/upload/s--4mwGitpc--/w_40,q_50,cs_srgb/hjgi54fxx7k7271sbj36.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "1877d9e174dc1fc23cf019f0070e30b9"
last-modified: Mon, 13 Jul 2020 10:50:54 GMT
date: Tue, 07 May 2024 09:39:19 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=1;start=2024-05-07T09:39:19.797Z;desc=hit,rtt;dur=13
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 3490
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--fwEmMP_k--/w_40,q_50,cs_srgb/rp5ujstwr4yguyxyhq5z.png

151.101.66.97

200 OK

3.3 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--fwEmMP_k--/w_40,q_50,cs_srgb/rp5ujstwr4yguyxyhq5z.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 40 x 40, 8-bit colormap, non-interlaced
Size
3.3 kB (3310 bytes)
Hash
eaf37799e1513e78deeefa99f73105f2
937a4bc03f2048e64b24a7afb50565f5dd6daa3d
6f50c2be8dc6b91b5923b948905cab427b6adfd0402a1757751693035b3dc83a

HTTP Headers

GET /image/upload/s--fwEmMP_k--/w_40,q_50,cs_srgb/rp5ujstwr4yguyxyhq5z.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "eaf37799e1513e78deeefa99f73105f2"
last-modified: Mon, 13 Jul 2020 10:50:54 GMT
date: Tue, 07 May 2024 09:39:19 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=1;cpu=0;start=2024-05-07T09:39:19.798Z;desc=hit,rtt;dur=13
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 3310
X-Firefox-Spdy: h2

use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3

23.33.119.67

200 OK

35 kB

URL GET HTTP/2
use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 34640, version 1.0
Size
35 kB (34640 bytes)
Hash
380cce79880763f23ae8918f22c26763
dd38143d8f5980189ebdc67efb64301e16999695
292da5515b8830e29cf8d4beececd8f700a15e92e5e1d087def6372f45a3d67d

HTTP Headers

GET /af/cebe0e/00000000000000003b9b3060/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 34640
etag: "6836446a3fea48bf0b3a00b81f3391fcf4638c59"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 07 May 2024 09:39:19 GMT
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--2OSnbIva--/w_40,q_50,cs_srgb/jf5ucmevb8q3cicnic1k.png

151.101.66.97

200 OK

3.6 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--2OSnbIva--/w_40,q_50,cs_srgb/jf5ucmevb8q3cicnic1k.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 40 x 30, 8-bit colormap, non-interlaced
Size
3.6 kB (3631 bytes)
Hash
05c5f894764a2d6d5005ea5c25dbc211
9303baf22674e3806fb8382a4cf23d912b6b0bba
704fcfb238bfa9bff89dca58434fd4254b6a65606f304fe67b0a7e2ed01b7c3e

HTTP Headers

GET /image/upload/s--2OSnbIva--/w_40,q_50,cs_srgb/jf5ucmevb8q3cicnic1k.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "05c5f894764a2d6d5005ea5c25dbc211"
last-modified: Mon, 13 Jul 2020 10:50:54 GMT
date: Tue, 07 May 2024 09:39:19 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:19.799Z;desc=hit,rtt;dur=13
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 3631
X-Firefox-Spdy: h2

use.typekit.net/af/949eb9/00000000000000003b9b3076/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3

23.33.119.67

200 OK

34 kB

URL GET HTTP/2
use.typekit.net/af/949eb9/00000000000000003b9b3076/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 33804, version 1.0
Size
34 kB (33804 bytes)
Hash
906a8a6db9ea1eff6478f90054c9d976
20282b7af6b73132ff9669c28a3f99ecdda41486
4f34546ec0625750f75cf4d04d0cfd465beb9c3b2a57809a4d64120902a42f29

HTTP Headers

GET /af/949eb9/00000000000000003b9b3076/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 33804
etag: "bd889bd51028b55d80b8c34954c6a34e153accdc"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 07 May 2024 09:39:19 GMT
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--a0uHDYtp--/w_28/lgrgjopvaxofg8zhb9up.png

151.101.66.97

200 OK

725 B

URL GET HTTP/2
images.salsify.com/image/upload/s--a0uHDYtp--/w_28/lgrgjopvaxofg8zhb9up.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 28 x 28, 8-bit gray+alpha, non-interlaced
Size
725 B (725 bytes)
Hash
5b5133dcebfb68d5ba4ee25954f2623e
7d309c8f3249468a9da9d90681505436af625488
83bc374c72f2e3c3ee13dec4360bae9436eee0907a0db42b40ca729f4455e196

HTTP Headers

GET /image/upload/s--a0uHDYtp--/w_28/lgrgjopvaxofg8zhb9up.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "5b5133dcebfb68d5ba4ee25954f2623e"
last-modified: Mon, 05 Apr 2021 16:10:36 GMT
date: Tue, 07 May 2024 09:39:19 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=1;cpu=0;start=2024-05-07T09:39:19.810Z;desc=hit,rtt;dur=13,content-info;desc="width=28,height=28"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 725
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-2GKGF1TJ21&l=dataLayer&cx=c

142.250.74.168

200 OK

104 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-2GKGF1TJ21&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
104 kB (104112 bytes)
Hash
ac6f51ee0316747fe1febe4ac5986afc
15c0d7d9b8e39d1ac6b990d6a14051bf9e7b537c
c356c45ff4d30e7c16303ccae8119f64c2067535c7669eaec4cf0a50887e78b6

HTTP Headers

GET /gtag/js?id=G-2GKGF1TJ21&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 09:39:19 GMT
expires: Tue, 07 May 2024 09:39:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.33.119.67

200 OK

34 kB

URL GET HTTP/2
use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 34336, version 1.0
Size
34 kB (34336 bytes)
Hash
c2e5c7cc9672f6101b733deea327d1d6
3690889d33ff2c4480bfd45defb1616bc910d216
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

HTTP Headers

GET /af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 34336
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 07 May 2024 09:39:19 GMT
X-Firefox-Spdy: h2

dna.us.com/assets/styles/module.css

161.35.6.5

200 OK

3.1 kB

URL GET HTTP/1.1
dna.us.com/assets/styles/module.css
IP
161.35.6.5:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerLet's Encrypt
Subjectdna.us.com
Fingerprint69:A5:FF:08:97:3F:22:B3:A1:96:8E:EB:78:97:E4:94:4A:43:00:5F
ValidityMon, 11 Mar 2024 02:20:40 GMT - Sun, 09 Jun 2024 02:20:39 GMT

File type
ASCII text, with very long lines (8146)
Size
3.1 kB (3092 bytes)
Hash
2c2928044fea58bbcfd46f445f711854
5da641e1d209f057e7e55bae50d32dab1edb86eb
60ae9bf0910fb10dc59f148f42a300ec72a616cae7c559bc93e4829abf2dceee

HTTP Headers

GET /assets/styles/module.css HTTP/1.1
Host: dna.us.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:39:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 3092
Accept-Ranges: bytes
X-Original-Content-Length: 17404
Vary: Accept-Encoding
Content-Encoding: gzip
Etag: W/"PSA-aj-LCkoBE_qWL"
Expires: Wed, 08 May 2024 05:23:18 GMT
Cache-Control: max-age=71038
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

images.salsify.com/image/upload/s--5Qavxfa0--/w_40,q_50,cs_srgb/gl8jd2lpk6m7lvjvatkf.png

151.101.66.97

200 OK

5.8 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--5Qavxfa0--/w_40,q_50,cs_srgb/gl8jd2lpk6m7lvjvatkf.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
5.8 kB (5846 bytes)
Hash
20b832dace70502a90e4e5df6377ec6b
a89a7accd9d73c63409312ba3df439bc48ebee43
6a535ceb93f0888b1976e9a03e20050699a7cac2e841694e5b0c5a37a1ea771b

HTTP Headers

GET /image/upload/s--5Qavxfa0--/w_40,q_50,cs_srgb/gl8jd2lpk6m7lvjvatkf.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "20b832dace70502a90e4e5df6377ec6b"
last-modified: Mon, 13 Jul 2020 10:50:54 GMT
date: Tue, 07 May 2024 09:39:19 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=159;cpu=0;start=2024-05-07T09:39:19.804Z;desc=miss,rtt;dur=13,cloudinary;dur=38;start=2024-05-07T09:39:19.865Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 5846
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--d9xkY3Et--/w_40,q_50,cs_srgb/kdpscyws9okykngsix8x.png

151.101.66.97

200 OK

4.3 kB

URL GET HTTP/2
images.salsify.com/image/upload/s--d9xkY3Et--/w_40,q_50,cs_srgb/kdpscyws9okykngsix8x.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 40 x 40, 8-bit colormap, non-interlaced
Size
4.3 kB (4271 bytes)
Hash
68f6d4fcb96b2bc73eb484ab4b2ce36f
aaf445a5d6852eb06681ee8c8bab03449a8485db
bd4d364ca9b5ddcaa4dd7b133f8274c3a270a8154a65339b979a55adb49b6532

HTTP Headers

GET /image/upload/s--d9xkY3Et--/w_40,q_50,cs_srgb/kdpscyws9okykngsix8x.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "68f6d4fcb96b2bc73eb484ab4b2ce36f"
last-modified: Mon, 13 Jul 2020 10:50:54 GMT
date: Tue, 07 May 2024 09:39:20 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=208;cpu=0;start=2024-05-07T09:39:19.806Z;desc=miss,rtt;dur=13,cloudinary;dur=79;start=2024-05-07T09:39:19.873Z
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 4271
X-Firefox-Spdy: h2

dna.us.com/assets/styles/category.css

161.35.6.5

200 OK

1.6 kB

URL GET HTTP/1.1
dna.us.com/assets/styles/category.css
IP
161.35.6.5:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerLet's Encrypt
Subjectdna.us.com
Fingerprint69:A5:FF:08:97:3F:22:B3:A1:96:8E:EB:78:97:E4:94:4A:43:00:5F
ValidityMon, 11 Mar 2024 02:20:40 GMT - Sun, 09 Jun 2024 02:20:39 GMT

File type
ASCII text, with very long lines (5146), with no line terminators
Size
1.6 kB (1568 bytes)
Hash
d7857bc03c89799a2e6cede3b2989c66
b11e9ac71dbd2a3b4233f6369e9c39ba6a4d50ec
ecd87639db39f07ad8d4c4a148385c361c275d7e3bf14aa391eb1df141b48c26

HTTP Headers

GET /assets/styles/category.css HTTP/1.1
Host: dna.us.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:39:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 1568
Accept-Ranges: bytes
X-Original-Content-Length: 6319
Vary: Accept-Encoding
Content-Encoding: gzip
Etag: W/"PSA-aj-14V7wDyJeZ"
Expires: Tue, 07 May 2024 18:21:39 GMT
Cache-Control: max-age=31338
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:27:35 GMT
expires: Sat, 03 May 2025 02:27:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 371505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.typekit.net/af/8e2bbd/00000000000000003b9b3072/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.33.119.67

200 OK

33 kB

URL GET HTTP/2
use.typekit.net/af/8e2bbd/00000000000000003b9b3072/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 33344, version 1.0
Size
33 kB (33344 bytes)
Hash
4a330774249fa3709f7431c159ac1ef6
eae37e3d6543962d2c74b7ab9ea189d9a5ba5eb0
507a553130db61df15e47f554bd35c5b9521584e4847173a25fcedc1f6aba776

HTTP Headers

GET /af/8e2bbd/00000000000000003b9b3072/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 33344
etag: "dd3ed5a051a56eebcd930c279014a0f1613402d5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 07 May 2024 09:39:20 GMT
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--V-toSkVr--/w_20,q_50,cs_srgb/jux4vavjnbqhx6d3unlt?=202

151.101.66.97

200 OK

363 B

URL GET HTTP/2
images.salsify.com/image/upload/s--V-toSkVr--/w_20,q_50,cs_srgb/jux4vavjnbqhx6d3unlt?=202
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 20 x 20, 8-bit gray+alpha, non-interlaced
Size
363 B (363 bytes)
Hash
52f8acea08f9d4a0e2ddb67fb1cdb5b5
42a320306864355300b0275de4efa15c54597799
fc957260f36289a17209369ab05bbc317205c94ea28b84d02d8dc55327d9b236

HTTP Headers

GET /image/upload/s--V-toSkVr--/w_20,q_50,cs_srgb/jux4vavjnbqhx6d3unlt?=202 HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "52f8acea08f9d4a0e2ddb67fb1cdb5b5"
last-modified: Fri, 10 Feb 2023 19:56:12 GMT
date: Tue, 07 May 2024 09:39:20 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:20.175Z;desc=hit,rtt;dur=13,content-info;desc="width=20,height=20,owidth=400,oheight=400,obytes=6096"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 363
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--MyQyC4ao--/w_20,q_50,cs_srgb/dfhimqcz9cygcpa9hzn1?=202

151.101.66.97

200 OK

352 B

URL GET HTTP/2
images.salsify.com/image/upload/s--MyQyC4ao--/w_20,q_50,cs_srgb/dfhimqcz9cygcpa9hzn1?=202
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 20 x 20, 8-bit gray+alpha, non-interlaced
Size
352 B (352 bytes)
Hash
b8b6e7ac1848a8f7b297ba71c699334a
d7ea71876e1aaaeed26a9d1105ef082db9913cb9
2621198f2f00943d2064fe05f5f0c3dce371f2f0749407cf7534853b6676da37

HTTP Headers

GET /image/upload/s--MyQyC4ao--/w_20,q_50,cs_srgb/dfhimqcz9cygcpa9hzn1?=202 HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "b8b6e7ac1848a8f7b297ba71c699334a"
last-modified: Fri, 10 Feb 2023 19:56:12 GMT
date: Tue, 07 May 2024 09:39:20 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:20.176Z;desc=hit,rtt;dur=13,content-info;desc="width=20,height=20,owidth=400,oheight=400,obytes=9532"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 352
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--MyQyC4ao--/w_20,q_50,cs_srgb/dfhimqcz9cygcpa9hzn1

151.101.66.97

200 OK

352 B

URL GET HTTP/2
images.salsify.com/image/upload/s--MyQyC4ao--/w_20,q_50,cs_srgb/dfhimqcz9cygcpa9hzn1
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 20 x 20, 8-bit gray+alpha, non-interlaced
Size
352 B (352 bytes)
Hash
b8b6e7ac1848a8f7b297ba71c699334a
d7ea71876e1aaaeed26a9d1105ef082db9913cb9
2621198f2f00943d2064fe05f5f0c3dce371f2f0749407cf7534853b6676da37

HTTP Headers

GET /image/upload/s--MyQyC4ao--/w_20,q_50,cs_srgb/dfhimqcz9cygcpa9hzn1 HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "b8b6e7ac1848a8f7b297ba71c699334a"
last-modified: Fri, 10 Feb 2023 19:56:12 GMT
date: Tue, 07 May 2024 09:39:20 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=1;cpu=0;start=2024-05-07T09:39:20.178Z;desc=hit,rtt;dur=13,content-info;desc="width=20,height=20,owidth=400,oheight=400,obytes=9532"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 352
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--nvI65OS4--/w_20,q_50,cs_srgb/s2hsftrlwobq3rl9yuhg.png

151.101.66.97

200 OK

314 B

URL GET HTTP/2
images.salsify.com/image/upload/s--nvI65OS4--/w_20,q_50,cs_srgb/s2hsftrlwobq3rl9yuhg.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 20 x 20, 8-bit grayscale, non-interlaced
Size
314 B (314 bytes)
Hash
2fce8653a6f4bdbb4922d2f01c5e5858
f923ce85f73f3261c389aa7752fa91a31aa5d33c
65573f97d8594ca13ff9f3846450f04f438934e7c2a565bed1fcd4eff2ebd343

HTTP Headers

GET /image/upload/s--nvI65OS4--/w_20,q_50,cs_srgb/s2hsftrlwobq3rl9yuhg.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
etag: "2fce8653a6f4bdbb4922d2f01c5e5858"
last-modified: Fri, 22 Mar 2024 21:34:40 GMT
date: Tue, 07 May 2024 09:39:20 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=1296000
server-timing: cld-fastly;dur=1;cpu=0;start=2024-05-07T09:39:20.181Z;desc=hit,rtt;dur=13,content-info;desc="width=20,height=20,bytes=314,owidth=148,oheight=148,obytes=1903,ef=(1,13,17,97)"
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 314
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
77a21f976a70e7c51717588e002325c4
92e5b4d28813a3332af41425b506ae992d2bfab8
5c2cb6c5ec468189e3192106847b8e152af8022134e99aa7d51710e8fa97664b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 07 May 2024 09:39:20 GMT
Server: ECAcc (amb/6B51)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K7nRvSLyfoYqgwHYewHtyGxf3eLtAUP1WQREbkn2leqes4yxO8sHXg==

alive5.com/js/a5app.js

143.204.55.57

200 OK

3.9 kB

URL GET HTTP/2
alive5.com/js/a5app.js
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6468)
Size
3.9 kB (3949 bytes)
Hash
3e71046bab2cb609d34097b49ca126d6
b3ea97676e6ade88a7bfadb4f8efd1f84a7f2e66
76ea3e695c61b2357e65ff67eeefb1f1f860746a7b39fb6ca288847efd138cad

HTTP Headers

GET /js/a5app.js HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
content-length: 3949
last-modified: Mon, 29 Apr 2024 11:52:05 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: KxPttbQG6sYP8XQKhl.ufsI_HS0zO5Pz
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 07 May 2024 01:32:00 GMT
etag: "cbbc9002406530693edf0d16f8186dc7"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uWCYJMXacayWw-xjpdO_6rWe5vuR4DoTmRDMnrPq_iVIzv1deX4q8A==
age: 29241
X-Firefox-Spdy: h2

alive5.com/js/widget-min.js?s=1714391500828

143.204.55.57

200 OK

12 kB

URL GET HTTP/2
alive5.com/js/widget-min.js?s=1714391500828
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (16234)
Size
12 kB (12262 bytes)
Hash
6e38ab4423c1bac005cbf01eef8d1d81
02fd42ceb4fa8f9781a0994d2e5dbb0a6c30b84d
70db97d6ffdc2c4381c6dde092ca0d0cce838619b2eaa6108cd2bd7dd0b1ff54

HTTP Headers

GET /js/widget-min.js?s=1714391500828 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 12262
last-modified: Mon, 29 Apr 2024 11:52:05 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: UX0.L2Kxc10FgtrRpxBjfwDUJH7WZtna
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Mon, 06 May 2024 11:23:33 GMT
etag: "afd1472e0ac7d94da516b4731f7b51e0"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e9r202WHcggAZ-Zf2sCBNAHgimUSfLgK0ifjPIM1bhkhZWUYz2Vt9Q==
age: 80148
X-Firefox-Spdy: h2

alive5.com/css/widget.bundle.css

143.204.55.57

200 OK

5.2 kB

URL GET HTTP/2
alive5.com/css/widget.bundle.css
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30720)
Size
5.2 kB (5188 bytes)
Hash
a45af5edea1c8b26e73f0a23850ba1b7
b600d3a6562ac66318b94058408bca085020f4ac
b8ab91ca93b7b2d9375561994ab2b0d361c6825f327f723fba09ec621102a69e

HTTP Headers

GET /css/widget.bundle.css HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 5188
last-modified: Mon, 29 Apr 2024 11:52:06 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 6LCiyVidyQysvVIP9m7dTOEkdj9HDJ_Q
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 07 May 2024 03:20:59 GMT
etag: "437e07a2a1723f183e7572d20b2b3b0f"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m7DY3jLrtyrnvjBOaGRA3ooR88JjVjoniIFaeZZKRR4Ij6CeyGZIOQ==
age: 22806
X-Firefox-Spdy: h2

www.novusoffice.com/assets/images/icons/192.png?v=11-8-2021-6:31pm

161.35.6.5

200 OK

2.2 kB

URL GET HTTP/1.1
www.novusoffice.com/assets/images/icons/192.png?v=11-8-2021-6:31pm
IP
161.35.6.5:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerLet's Encrypt
Subjectnovusoffice.com
Fingerprint6C:22:34:5F:B6:85:C9:6C:1F:5A:F0:FE:90:4C:ED:9C:37:7D:BC:B7
ValiditySun, 07 Apr 2024 02:21:09 GMT - Sat, 06 Jul 2024 02:21:08 GMT

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
2.2 kB (2209 bytes)
Hash
37dfc8408b979b7011eee7dba4c8d1d1
20e0fe9e590c3dba96d37f52be92c251ff493b54
dc5ac160276d3a6f941be3e2a73eb36765952256a706d19003474bf02d0355b8

HTTP Headers

GET /assets/images/icons/192.png?v=11-8-2021-6:31pm HTTP/1.1
Host: www.novusoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Cookie: PHPSESSID=srlnrutfqrhgkh9qq97f2ldduj; _ga_2GKGF1TJ21=GS1.1.1715074760.1.0.1715074760.0.0.0; _ga=GA1.1.2064924018.1715074760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:39:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 2209
Accept-Ranges: bytes
X-Original-Content-Length: 4680
Etag: W/"PSA-aj-N9_IQIuXm3"
Expires: Sun, 12 May 2024 20:25:07 GMT
Cache-Control: max-age=470746
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

www.novusoffice.com/assets/images/icons/192.png?v=11-8-2021-6:31pm

161.35.6.5

200 OK

2.2 kB

URL GET HTTP/1.1
www.novusoffice.com/assets/images/icons/192.png?v=11-8-2021-6:31pm
IP
161.35.6.5:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerLet's Encrypt
Subjectnovusoffice.com
Fingerprint6C:22:34:5F:B6:85:C9:6C:1F:5A:F0:FE:90:4C:ED:9C:37:7D:BC:B7
ValiditySun, 07 Apr 2024 02:21:09 GMT - Sat, 06 Jul 2024 02:21:08 GMT

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
2.2 kB (2209 bytes)
Hash
37dfc8408b979b7011eee7dba4c8d1d1
20e0fe9e590c3dba96d37f52be92c251ff493b54
dc5ac160276d3a6f941be3e2a73eb36765952256a706d19003474bf02d0355b8

HTTP Headers

GET /assets/images/icons/192.png?v=11-8-2021-6:31pm HTTP/1.1
Host: www.novusoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Cookie: PHPSESSID=srlnrutfqrhgkh9qq97f2ldduj; _ga_2GKGF1TJ21=GS1.1.1715074760.1.0.1715074760.0.0.0; _ga=GA1.1.2064924018.1715074760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:39:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 2209
Accept-Ranges: bytes
X-Original-Content-Length: 4680
Etag: W/"PSA-aj-N9_IQIuXm3"
Expires: Sun, 12 May 2024 20:25:07 GMT
Cache-Control: max-age=470746
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

alive5.com/icons.html

143.204.55.57

200 OK

5.0 kB

URL GET HTTP/2
alive5.com/icons.html
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
5.0 kB (4965 bytes)
Hash
8f75514fc5895dc3653ca2b9d35bbd53
eedda004d2f88d4d112fa3c9dd4f4b601d0ab44c
5e32e36d67d436fa5dc42760c7f99fc41c55709c43137a96a0c572133014170a

HTTP Headers

GET /icons.html HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 4965
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT
access-control-expose-headers: ETag
access-control-max-age: 30000
last-modified: Mon, 29 Apr 2024 11:52:03 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: GUq.6sTiaxA_LbYdeViURM7Z8Ianr9yR
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 07 May 2024 03:57:08 GMT
etag: "c57fece4f277866b237dae4a72870d7d"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FxPWxZwh8w0I98Ci11lZzRV2SyDxbfP0DCDPPliK5Ay0eXcjdOBKGA==
age: 21850
X-Firefox-Spdy: h2

api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6

44.207.182.14

200 OK

15 kB

URL GET HTTP/2
api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6
IP
44.207.182.14:443
ASN
#14618 AMAZON-AES

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
15 kB (14698 bytes)
Hash
6bd84e4099c356029aa687fe74d2b1da
98b218fd17b754ade5794b84412f536150d98fce
ff974f1c50fc782f4123a5dbbad6bc05afd00e7e9bf2f2f594550116c199a1f6

HTTP Headers

GET /1.0/widget-code/get-by-widget-id?id=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6 HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Origin: https://www.novusoffice.com
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 09:39:20 GMT
content-type: application/json; charset=utf-8
set-cookie: AWSALB=gDJNKzAPXTKRYZsVxaj9Obkoh1vPr09+ZMOV9Wm1oMe/igA96leZvWoOUIWTd4aE/sZ+UHSkkdA7P42wXFKf2UY/B9oQeb4JLY8q+lQaMlx7KmJ6QuIaMhsWP4n4; Expires=Tue, 14 May 2024 09:39:20 GMT; Path=/
AWSALBCORS=gDJNKzAPXTKRYZsVxaj9Obkoh1vPr09+ZMOV9Wm1oMe/igA96leZvWoOUIWTd4aE/sZ+UHSkkdA7P42wXFKf2UY/B9oQeb4JLY8q+lQaMlx7KmJ6QuIaMhsWP4n4; Expires=Tue, 14 May 2024 09:39:20 GMT; Path=/; SameSite=None; Secure
server: nginx
access-control-allow-origin: https://www.novusoffice.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-expose-headers: Authorization,X-A5-APIKEY
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/"b43-h6SBt8LGJfMnBJwbCtEeoqTC4iU"
content-encoding: gzip
X-Firefox-Spdy: h2

alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696|844aac39-4428-a185-0fb4-116ee60fa948

143.204.55.57

200 OK

2.0 kB

URL GET HTTP/2
alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696|844aac39-4428-a185-0fb4-116ee60fa948
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (449)
Size
2.0 kB (1958 bytes)
Hash
7c6c6f14d64800cd4d05c6d3b694d492
b641a043b98b0ad0c8a4968b36e18191c5c1a6f0
2734c290c319357c8391e8bd4bbd99afad7f14accf1c1cbfaffddd232ee45631

HTTP Headers

GET /chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696|844aac39-4428-a185-0fb4-116ee60fa948 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1958
date: Tue, 07 May 2024 09:39:22 GMT
last-modified: Mon, 29 Apr 2024 11:52:03 GMT
etag: "f4c30888852da6219ab4f45868a770f7"
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: p33LzjJDrdirlD1C6y.5NBlAErqdwcZg
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CEUTPrrL3T4_6LtIEmz7EazHxXYB5eA9U8mTm1dEjVxr2KyaYHhw7A==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20000, version 1.0
Size
20 kB (20000 bytes)
Hash
97d8353e1f7e4cf7befce53984b6760e
89959115610b69d2a26a75fd200163d6862c968e
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4

HTTP Headers

GET /s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alive5.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:33:43 GMT
expires: Fri, 02 May 2025 23:33:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:54:48 GMT
content-type: font/woff2
age: 381939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948

143.204.55.57

200 OK

8.3 kB

URL GET HTTP/2
alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696|844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (29157), with no line terminators
Size
8.3 kB (8267 bytes)
Hash
35e65ad07000faf3f2215fd3b0972bbb
aa63a01daaa18866ad075a0440fc68107a9c01ae
300b4510e81ce9a2f3af1f16c32b6bb725584c47aebab6d8bf97b8cf1fc3a18d

HTTP Headers

GET /chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696|844aac39-4428-a185-0fb4-116ee60fa948
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 8267
date: Tue, 07 May 2024 09:39:23 GMT
last-modified: Mon, 29 Apr 2024 11:52:02 GMT
etag: "811cc471b90a552d0eb36e4becc747e1"
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 7N7.8hUkHk8mgYvGu_ZC12qv8p5LZCaS
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vl5sfqjbsYFiuJjHwvUtmrfuHv_y-Uf4DFXcpCw8Rrtyi3D2FDUBzw==
X-Firefox-Spdy: h2

files.alive5.com/images/widgets/upload/ashfaqtest-wicon1544204526155.png

143.204.55.57

200 OK

1.5 kB

URL GET HTTP/2
files.alive5.com/images/widgets/upload/ashfaqtest-wicon1544204526155.png
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1455 bytes)
Hash
6f878c9733062f3e765504ed137d0bc6
f66a4a84230dfbf1e8000d1515d36f893c5f31f6
f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5

HTTP Headers

GET /images/widgets/upload/ashfaqtest-wicon1544204526155.png HTTP/1.1
Host: files.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1455
last-modified: Fri, 07 Dec 2018 12:42:11 GMT
x-amz-version-id: JEJEiC9HGRttaRlxNnlXqTQphBO7xIRV
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 May 2024 06:20:11 GMT
etag: "6f878c9733062f3e765504ed137d0bc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xVJBwHhU7XDtRfy-AuFStL13A_dIQmiJ1OKDF6natfkwvEprNyNKQg==
age: 12033
X-Firefox-Spdy: h2

alive5.com/css/chat.bundle.css

143.204.55.57

200 OK

19 kB

URL GET HTTP/2
alive5.com/css/chat.bundle.css
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (46179)
Size
19 kB (18685 bytes)
Hash
df34b12f5181ce988fb9299e25e45f65
a9cad6e7b73058414dd7b5bac17baf04dc304bf4
68b07f709fce51cceb3186bd7987951c512c6540b5616840401fde1e04d6f75a

HTTP Headers

GET /css/chat.bundle.css HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 18685
date: Tue, 07 May 2024 03:08:00 GMT
last-modified: Mon, 29 Apr 2024 11:52:06 GMT
etag: "f7cd4b13b38b9f53ea0cc35d5b9e5e9d"
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: N319yNo.tlWMpoOCro7BvGlIamRariXF
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CMGLFEcHPZz6zTybro6e_NiZhD2ccosTFj9UrUUDGa4Is4Ye2ScXkw==
age: 23483
X-Firefox-Spdy: h2

alive5.com/js/chat.bundle.js?s=1714391500828

143.204.55.57

200 OK

179 kB

URL GET HTTP/2
alive5.com/js/chat.bundle.js?s=1714391500828
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37235)
Size
179 kB (178669 bytes)
Hash
0dd3128a2412725ce5322d6048dba36e
ce9944b1cef6b3525df11d0220dbe473219a3cff
e329a360c07ef690c9d78da473413cf460eda21167b6650b413645fce8956a54

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Code and strings of plugins from the Tetris framework loaded by Swid

HTTP Headers

GET /js/chat.bundle.js?s=1714391500828 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 178669
last-modified: Mon, 29 Apr 2024 11:52:05 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: S1bhIJYS5GDFqdbk2pY2IuQv7cOyR3ru
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 07 May 2024 03:37:10 GMT
etag: "0eee5ba25193bf3f7b6c3c7a217dc572"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aYFo4zUaXPURgRUursTK3SfpmgeuHr7KDzFQ03iaNtQc2S6v1TUXLA==
age: 22309
X-Firefox-Spdy: h2

alive5.com/img/loader.gif

143.204.55.57

200 OK

3.2 kB

URL GET HTTP/2
alive5.com/img/loader.gif
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
GIF image data, version 89a, 32 x 32
Size
3.2 kB (3208 bytes)
Hash
be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

HTTP Headers

GET /img/loader.gif HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 3208
last-modified: Mon, 29 Apr 2024 11:52:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ceyDpQ1NLaa.5Rj.Q58hQtCW7GnWwned
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 07 May 2024 04:15:49 GMT
etag: "be1cede97289c13920048f238fd37b85"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q_jzl8BEsufsPpV8FYQurKXoS-zxeem7yQGf8rpFBeUPRuDcd9SMzw==
age: 20297
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js

104.17.24.14

200 OK

4.0 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
4.0 kB (3965 bytes)
Hash
8558645e9f6dcb3447956ca9dac08ed1
2dbdfcd83ad5e87d7237f163c503e761e609fd10
23aa985ae2ae9ccb19a2ca39be4279fd544074e2dd51a69e61ae76adc40c2e81

HTTP Headers

GET /ajax/libs/chocolat/1.0.4/js/chocolat.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 09:39:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 3965
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6039816b-6044"
last-modified: Fri, 26 Feb 2021 23:16:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 576173
expires: Sun, 27 Apr 2025 09:39:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShMvnRKVovmA9bfi37Db5RnHuDRCIFqm%2BIeYII%2BEIPsk48CJ4RpUWvFFu3nD8BUC%2BBY7p3v05eahcvQx60vAQV3UaOJfvveVSwqmHiOSQaJ1z1NfsLcIdvA%2Fhp95TVaXXNoN10eV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88003e140f6a712f-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js

104.17.24.14

200 OK

21 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
21 kB (20711 bytes)
Hash
3404d8a746a4fec43de281d6b9fd501b
7cd55e0b6add2373011f04d3bba6044953caeac7
b6b7fc20b7e5eabb078b5f8f8076e46595e446522eacf29e8096151e7c65ac79

HTTP Headers

GET /ajax/libs/socket.io/4.3.2/socket.io.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 09:39:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 20711
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "616b8b0a-50e7"
last-modified: Sun, 17 Oct 2021 02:31:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 580722
expires: Sun, 27 Apr 2025 09:39:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXL6ok0D4xsgs%2FL95XtbyU1EhvNnLPcYY1%2F6uyVIBbQQAduk2sAABibXbLagLZEMEq3iJhY%2FP950npXw91cIkT27X2bVoP0z6eS%2FNMOwCTKzOFv5hys7rIQYDMLbBZhWw0YvRaZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88003e140f71712f-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20000, version 1.0
Size
20 kB (20000 bytes)
Hash
97d8353e1f7e4cf7befce53984b6760e
89959115610b69d2a26a75fd200163d6862c968e
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4

HTTP Headers

GET /s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alive5.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:33:43 GMT
expires: Fri, 02 May 2025 23:33:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:54:48 GMT
content-type: font/woff2
age: 381940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

files.alive5.com/images/widgets/upload/dahlenorthamerica-wicon1631978045804.png

143.204.55.57

200 OK

4.4 kB

URL GET HTTP/2
files.alive5.com/images/widgets/upload/dahlenorthamerica-wicon1631978045804.png
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
PNG image data, 180 x 57, 8-bit/color RGBA, non-interlaced
Size
4.4 kB (4361 bytes)
Hash
4d8cf2960be9f35a9a45ac51ba745595
ac968f68509e9986af67d9c2d4838365e51893c1
7b86ca00f7d8bb32cddbed16a9a419832a5a6ea90506d0017bab298539499839

HTTP Headers

GET /images/widgets/upload/dahlenorthamerica-wicon1631978045804.png HTTP/1.1
Host: files.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4361
last-modified: Sat, 18 Sep 2021 15:14:07 GMT
x-amz-version-id: jE_UEbg5odu7.5M6tZIDU4r9TB2PpV0J
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 May 2024 09:39:24 GMT
etag: "4d8cf2960be9f35a9a45ac51ba745595"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vitp9wZ8ymmPAshlwA76_gDPL8uct3Ob5NnPN9t6ly1QUxdEFfKIOw==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

216.58.207.227

200 OK

51 kB

URL GET HTTP/3
fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50668, version 1.0
Size
51 kB (50668 bytes)
Hash
dafd0a2e599f63fa9d7ee1d98fce7f51
f8c0cb57f10acd8f96623fbd2a7021253c860937
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

HTTP Headers

GET /s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alive5.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:37:35 GMT
expires: Fri, 02 May 2025 02:37:35 GMT
cache-control: public, max-age=31536000
age: 457308
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Work+Sans&display=swap

142.250.74.138

200 OK

460 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Work+Sans&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://alive5.com/chat_window_wrap.html?wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696|844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
460 B (460 bytes)
Hash
7d739b6ccededfff9452845986df1f2f
73e11f4090773cdc81ac1a3dbaccb9cb9a37a908
d48c84fa4a7964d280a9a9226abe5baaf2058d438dc3890b94aeb768298f484e

HTTP Headers

GET /css?family=Work+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 09:39:22 GMT
date: Tue, 07 May 2024 09:39:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=dahlenorthamerica&thread_id=907752ab-c45e-a394-8af1-ddb865278696&crm_id=844aac39-4428-a185-0fb4-116ee60fa948&channel_id=66153826-a13f-486a-bd0b-b0399f5cc5e4&code=4&enabled_redis_storage=false&visitor=true&referrer=&page_url=https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe&attach_botchain=dahle%20-%20live%20chat&create_thread=true&bot_user_id=

44.207.182.14

204 No Content

0 B

URL OPTIONS HTTP/2
api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=dahlenorthamerica&thread_id=907752ab-c45e-a394-8af1-ddb865278696&crm_id=844aac39-4428-a185-0fb4-116ee60fa948&channel_id=66153826-a13f-486a-bd0b-b0399f5cc5e4&code=4&enabled_redis_storage=false&visitor=true&referrer=&page_url=https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe&attach_botchain=dahle%20-%20live%20chat&create_thread=true&bot_user_id=
IP
44.207.182.14:443
ASN
#14618 AMAZON-AES

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /1.0/thread/get-threads-byId?org_name=dahlenorthamerica&thread_id=907752ab-c45e-a394-8af1-ddb865278696&crm_id=844aac39-4428-a185-0fb4-116ee60fa948&channel_id=66153826-a13f-486a-bd0b-b0399f5cc5e4&code=4&enabled_redis_storage=false&visitor=true&referrer=&page_url=https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe&attach_botchain=dahle%20-%20live%20chat&create_thread=true&bot_user_id= HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://alive5.com/
Origin: https://alive5.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 07 May 2024 09:39:24 GMT
set-cookie: AWSALB=W4ZtuFdGPfmtjUcydV7hS2RGq8QtDlMWwpsUKHxtYQZwt9BnHlNrUP0VcjX37IXAuvuT/RWoLZO316JS1+0V5vLjuKj/YDPBrPCwRZ7Df28LnvTGGH+x9ZpTaTUS; Expires=Tue, 14 May 2024 09:39:24 GMT; Path=/
AWSALBCORS=W4ZtuFdGPfmtjUcydV7hS2RGq8QtDlMWwpsUKHxtYQZwt9BnHlNrUP0VcjX37IXAuvuT/RWoLZO316JS1+0V5vLjuKj/YDPBrPCwRZ7Df28LnvTGGH+x9ZpTaTUS; Expires=Tue, 14 May 2024 09:39:24 GMT; Path=/; SameSite=None; Secure
server: nginx
x-powered-by: Express
access-control-allow-origin: https://alive5.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-headers: Content-Type,Authorization,Content-Length,X-Requested-With,X-A5-APIKEY,x-xsrf-token,Cookie
access-control-max-age: 86400
access-control-expose-headers: Authorization,X-A5-APIKEY
X-Firefox-Spdy: h2

images.salsify.com/image/upload/s--tK6spwV6--/w_32/im1gi16z1vxeydpyssrh.png

151.101.66.97

200 OK

297 B

URL GET HTTP/2
images.salsify.com/image/upload/s--tK6spwV6--/w_32/im1gi16z1vxeydpyssrh.png
IP
151.101.66.97:443
ASN
#54113 FASTLY

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerGlobalSign nv-sa
Subjects2-san.cloudinary.com
Fingerprint4A:C4:04:43:57:84:CF:AC:73:45:AC:FE:14:22:D3:82:2C:9F:C3:51
ValidityMon, 14 Aug 2023 12:54:03 GMT - Sat, 14 Sep 2024 12:54:02 GMT

File type
PNG image data, 32 x 24, 8-bit colormap, non-interlaced
Size
297 B (297 bytes)
Hash
3f16a279e425af5baeabb5b590d687b9
4e81f834a720400a5ae270766df3be73ee2797a5
e74731b6b388916748dc4e42b494d46b858e9fc77626d4a4cbf0c36c92e4e646

HTTP Headers

GET /image/upload/s--tK6spwV6--/w_32/im1gi16z1vxeydpyssrh.png HTTP/1.1
Host: images.salsify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
etag: "3f16a279e425af5baeabb5b590d687b9"
last-modified: Wed, 15 Apr 2020 17:54:12 GMT
date: Tue, 07 May 2024 09:39:18 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=31536000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-07T09:39:18.314Z;desc=hit,rtt;dur=14
server: Cloudinary
x-robots-tag: noindex
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Robots-Tag,X-Content-Type-Options
content-length: 297
X-Firefox-Spdy: h2

api-v2.alive5.com/socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjMxOTc3NjQzMzk1LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJkYWhsZW5vcnRoYW1lcmljYSIsInR5cGUiOiJsaXZlY2hhdCIsImNybV9pZCI6IjI2YjIxNDFjLWRlNjAtNGQwMi04NWVmLWQ1MDFlYWNlMmE1OSIsInVzZXJfcm9sZSI6InZpc2l0b3IiLCJpYXQiOjE3MTUwNzQ3NjB9.bWRFc7u2xMoKQCKOo95qlRVEdqqdANMi_0ctzAoSsYU&thread_id=907752ab-c45e-a394-8af1-ddb865278696&crm_id=844aac39-4428-a185-0fb4-116ee60fa948&channel_id=66153826-a13f-486a-bd0b-b0399f5cc5e4&is_mobile=false&EIO=4&transport=websocket

44.207.182.14

101 Switching Protocols

0 B

URL GET HTTP/1.1
api-v2.alive5.com/socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjMxOTc3NjQzMzk1LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJkYWhsZW5vcnRoYW1lcmljYSIsInR5cGUiOiJsaXZlY2hhdCIsImNybV9pZCI6IjI2YjIxNDFjLWRlNjAtNGQwMi04NWVmLWQ1MDFlYWNlMmE1OSIsInVzZXJfcm9sZSI6InZpc2l0b3IiLCJpYXQiOjE3MTUwNzQ3NjB9.bWRFc7u2xMoKQCKOo95qlRVEdqqdANMi_0ctzAoSsYU&thread_id=907752ab-c45e-a394-8af1-ddb865278696&crm_id=844aac39-4428-a185-0fb4-116ee60fa948&channel_id=66153826-a13f-486a-bd0b-b0399f5cc5e4&is_mobile=false&EIO=4&transport=websocket
IP
44.207.182.14:443
ASN
#14618 AMAZON-AES

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjMxOTc3NjQzMzk1LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJkYWhsZW5vcnRoYW1lcmljYSIsInR5cGUiOiJsaXZlY2hhdCIsImNybV9pZCI6IjI2YjIxNDFjLWRlNjAtNGQwMi04NWVmLWQ1MDFlYWNlMmE1OSIsInVzZXJfcm9sZSI6InZpc2l0b3IiLCJpYXQiOjE3MTUwNzQ3NjB9.bWRFc7u2xMoKQCKOo95qlRVEdqqdANMi_0ctzAoSsYU&thread_id=907752ab-c45e-a394-8af1-ddb865278696&crm_id=844aac39-4428-a185-0fb4-116ee60fa948&channel_id=66153826-a13f-486a-bd0b-b0399f5cc5e4&is_mobile=false&EIO=4&transport=websocket HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://alive5.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oc7MP0+TOrZs60zLQ+C8bA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 07 May 2024 09:39:23 GMT
Connection: upgrade
Set-Cookie: AWSALB=Cg/C5aXx2A1js13RCFE2NqurQHccir+/khvbJ0c/hAUEnIw3SwCU17KN8JfohSV9q8jESW3XTW9LYmHNXOLAngcXK0WV/23jJtI9LNygiIXIOtwrzhOw2vvKz8yO; Expires=Tue, 14 May 2024 09:39:23 GMT; Path=/
AWSALBCORS=Cg/C5aXx2A1js13RCFE2NqurQHccir+/khvbJ0c/hAUEnIw3SwCU17KN8JfohSV9q8jESW3XTW9LYmHNXOLAngcXK0WV/23jJtI9LNygiIXIOtwrzhOw2vvKz8yO; Expires=Tue, 14 May 2024 09:39:23 GMT; Path=/; SameSite=None; Secure
Server: nginx
Upgrade: websocket
Sec-WebSocket-Accept: cfSbNHA83h5fRsfUaRVfRC29T64=

files.alive5.com/images/widgets/upload/dahlenorthamerica-w1631976988367.png

143.204.55.57

200 OK

13 kB

URL GET HTTP/2
files.alive5.com/images/widgets/upload/dahlenorthamerica-w1631976988367.png
IP
143.204.55.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.novusoffice.com/resources/affiliate_resources/novus_pdf_en.exe
Certificate
IssuerAmazon
Subject*.alive5.com
Fingerprint93:34:8B:8B:72:28:B2:95:D0:0A:F8:D1:C5:DF:2B:E1:DA:9B:31:EA
ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
13 kB (13197 bytes)
Hash
8f276e7a6cd2fd61ca93a719a53eae9f
951b4c463aa21ca4647ad3c956687961d19962ff
8ea53396926c41640974956a3920048f6fba9843dddf181db67b083d4f52d320

HTTP Headers

GET /images/widgets/upload/dahlenorthamerica-w1631976988367.png HTTP/1.1
Host: files.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.novusoffice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 13197
date: Tue, 07 May 2024 09:39:22 GMT
last-modified: Sat, 18 Sep 2021 14:56:29 GMT
etag: "8f276e7a6cd2fd61ca93a719a53eae9f"
x-amz-version-id: h8S7E7C1K.lc1HuzsyRc4_Rzt7a2TPrQ
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VFPnf5AWso4dBrRgzwv1n4VT_95GrRTRAWBqjsBnN0aM1MyMgaZWyw==
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Work+Sans:400,500&display=swap

142.250.74.138

200 OK

2.4 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Work+Sans:400,500&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://alive5.com/chat_window.html?preopen=undefined&wid=d5bf0395-8bc2-4cb3-a8f8-8bc7e6c43dd6&thread_crm_id=907752ab-c45e-a394-8af1-ddb865278696%7C844aac39-4428-a185-0fb4-116ee60fa948
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2436), with no line terminators
Size
2.4 kB (2382 bytes)
Hash
a65caac9c04d92790413dada661476a6
8185d73fa0ad1264b1a4fef59691cdbdf8f8f1bd
05984b777f3ceb231b37c3a8b441e02ff38db82d050cc404e3f63868b3a545c9

HTTP Headers

GET /css?family=Work+Sans:400,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 09:39:23 GMT
date: Tue, 07 May 2024 09:39:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML