Report - tc1.shxtrk.com/

Report Overview

Submitted URL
tc1.shxtrk.com/
IP
172.67.204.98
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-26 07:43:14
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	704 B	757 B	142.250.74.67
www.linkedin.com	608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	637 B	2.6 kB	13.107.42.14
d.clarity.ms	2285	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	992 B	574 B	40.76.174.66
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	10 kB	216.58.211.3
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.0 kB	54.230.245.118
ssl.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	13 kB	142.250.74.131
docs.google.com	122	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	205 kB	216.58.207.206
cdn.segment.com	1618	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	1.3 kB	54.230.219.201
cdn4.mxpnl.com	11347	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	18 kB	130.211.5.208
tc1.shxtrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	790 B	1.4 kB	104.21.14.194
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	882 B	68 kB	216.58.207.206
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.1 kB	216.239.32.36
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.3 kB	13.107.42.14
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	90 kB	142.250.74.168
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	724 B	1.7 kB	216.58.207.194
api.howuku.com	247067	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	8.9 kB	54.179.116.115
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	705 B	757 B	216.58.207.228
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	851 B	48 kB	13.107.238.53
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	935 B	1.2 kB	20.234.93.27
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.2 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	948 kB	142.250.74.35
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	90 kB	142.250.74.106
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	795 B	13.107.21.200
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.102.159
www.saleshandy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	359 kB	70.32.23.111
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	40 kB	54.230.111.78
api.segment.io	1076	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	261 B	52.26.96.136
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	906 B	218 kB	142.250.74.35
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	5.1 kB	23.36.76.210

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	tc1.shxtrk.com/	Malware
2023-01-26	medium	tc1.shxtrk.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	www.saleshandy.com/spam-police/	215 B	2023-03-07	2024-04-26
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 21:41:26 Times Seen1890 Hash dc0923c33f2f758c84c52fbb61c834a3 b058be2d1733bff3d424d94ace699f13151e3df7 d37ef4938c8ae1d3621058c0b807b594bdff045977dab405590883e514289ac3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK	266 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash eb36cba4cfd61a1ec5164575ebcfa194 6451ab4ccd5f73180401fc9a57e370f23a1a759f 5e6d90559ab36f6363cecc14df006b555fc621d1b3368160af1d16cd1eb2a483 Loading...

	cdn.howuku.com/js/control.js?v=1674718983877	22 kB	2023-03-13	2023-03-13
Pretty URL cdn.howuku.com/js/control.js?v=1674718983877 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 53d9ad7d885dc6cb1056c1538ba3e27b 8fcd0e94ae2c51af7fbf26195b661ee395346f21 7b7a535584d65d9b6a9181b061ded20d1dcf2e1dc088583f250e56abd625bf24 Loading...

	public.profitwell.com/js/profitwell.js?auth=8513bc0a049460e3dc6a26ad7e1e73d7	36 kB	2023-03-07	2023-11-10
Pretty URL public.profitwell.com/js/profitwell.js?auth=8513bc0a049460e3dc6a26ad7e1e73d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-11-10 00:02:35 Times Seen1368 Hash f3710cf44008e9509cf9d74fde8cff1f e351f7543b4a715231c742c0a4110b5d905ac60f 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2 Loading...

	r.wdfl.co/rw.js	16 kB	2023-03-13	2023-03-13
Pretty URL r.wdfl.co/rw.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 13:06:41 Times Seen1 Hash 0f3e7f9de9004843b194d152d8de5c15 d7236121536ae543dcc006074e23595ac338b312 105470f6c8312b743199e0d9ec8ab4fc98e1a86c92d48a64e1dc1f3f6e398538 Loading...

	www.saleshandy.com/wp-content/litespeed/js/79600e2e884e2748e180b8276e6513e1.js?ver=1321a	526 kB	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/wp-content/litespeed/js/79600e2e884e2748e180b8276e6513e1.js?ver=1321a IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 79600e2e884e2748e180b8276e6513e1 6a90a848840102789f39e53da7cae28d5ff060a0 27a308147a736737b6852a5ce43b3a0dbebcd3732c2d6da6fe94e39ec351ed35 Loading...

	www.saleshandy.com/spam-police/	2.1 kB	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 87c7ad51e0480c5c2f9ed7c966a21559 52f3400827b28baf0721b2d495f4088f17350c26 3559bc562f5f9ed29b37f416f20e895d018f77566bc8c4ffc94ccf829b72cf75 Loading...

	www.saleshandy.com/spam-police/	2.1 kB	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 28c75aeec101c4edd5d09aaa912f103f 6e81cb34ed7cd7be854a296878de748ca148f353 d4b8f2a6fd7af1e38bbfe6994d96e58202391b13b968a47ff0f051811431c995 Loading...

	docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true	14 kB	2023-03-13	2023-03-13
Pretty URL docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 7f018fbe2faeab695490c339bef0aab4 e38bae977115b5c3901d505ad409c9cead53a744 9b33ec4a4d4318ff0403f8d2be15f5d15eb72eed20f047d2a73bc7a35bfcd8a6 Loading...

	www.google-analytics.com/gtm/optimize.js?id=GTM-PF9MQGQ	124 kB	2023-03-13	2023-03-13
Pretty URL www.google-analytics.com/gtm/optimize.js?id=GTM-PF9MQGQ IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 29a0c3401ead3ee28e2554ecf6d6a199 edc434c4f8c2dc7b0ce5f61557e80d3520a8b097 f82c0a0c784fe1df5a6b0b8660607d7d2e890f350ba213ffec0d81a670831bac Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.saleshandy.com/spam-police/	408 B	2023-03-07	2024-04-14
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-14 16:04:21 Times Seen332 Hash d3fb31fc4a0b37980210c57f2698989d 82a161b3a63cf0d5a5b37e9eacdfaf298bcbb55b 45200934a32157fcedfec503f25c156ed7a19df9a9538269e7848ad8f1adc936 Loading...

	docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true	1.5 kB	2023-03-13	2023-03-13
Pretty URL docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 2bd8add59b3be4192bcfd4a6085b2966 ef323116db0fd323abf38494915bec9b8f206c99 7cd90bd992aeca1c25f46786377118e1962126890d139765a509a26b0695dd61 Loading...

	www.saleshandy.com/spam-police/	281 B	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash aa3de69a0889a0d14ef82184ea059dfc 53b15a64d93eb9042fa841240ba8a9936b0d4fe1 98f21a9f7d7ca371bc6939ba9cd382ef790889b10f0f4aee4474f7a8039fe68e Loading...

	www.saleshandy.com/spam-police/	279 B	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 3ec1b0544f9647d7c0f77d25787f4038 7deaefe50671dcc6f637bc9b1a7e339ef8e7f032 86a58a19ae5392c758bd70f9c96964d1bbedfac21c2bf0a847d01d7f3feeefe8 Loading...

	www.saleshandy.com/spam-police/	365 B	2023-03-07	2024-04-10
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:52 Last Seen2024-04-10 01:04:46 Times Seen78 Hash adedff17481d964a88a71e1a8cdc040e b057c97609aac02cf025791e047f96cde5c2732e 2bbb96ba74ad10134dcc0d46ba98184acf7b825e391c689b56591ba5493ed88f Loading...

	www.googletagmanager.com/gtag/js?id=G-65VZV193TN&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-65VZV193TN&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 7cfc08845e7c1948635251d65156f906 8f1136fdd236bde880b5bbae8a2d260b15a714e5 9fbcb62432b71ae7ac28d1a68bc682ef5a305c1626b8e32443147433e4cdb844 Loading...

	cdn.segment.com/analytics.js/v1/DY2AnAvl9M85q9NEi9Bizyw5amtFuK2Z/analytics.min.js	102 kB	2023-03-13	2023-03-13
Pretty URL cdn.segment.com/analytics.js/v1/DY2AnAvl9M85q9NEi9Bizyw5amtFuK2Z/analytics.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 34d91e80805a5aa8b1458e3457139030 325a823224eb8f33918385cfe5a52755ffe1ff22 b7e87607a62023f1b4997c98391b99747d24fd8fb3325b46307764d2a2589240 Loading...

	www.clarity.ms/tag/ads865x4qt?ref=gtm2	957 B	2023-03-13	2023-03-13
Pretty URL www.clarity.ms/tag/ads865x4qt?ref=gtm2 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash c5300cd39588e029bf87f5b21dd8117d cf5ba220a48c77cff7c9f032f9d35b4ba4460f55 58cc65eb04aa06dd0c6c48ab6ea07e455a375cb4a8ad7472fbf6fbf1071199ee Loading...

	www.gstatic.com/_/freebird/_/js/k=freebird.v.no.zdTVolnPOSk.O/d=1/rs=AMjVe6ja0nAIgH6c_c5iiLwd4z--Rd4sbg/m=viewer_base	377 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/freebird/_/js/k=freebird.v.no.zdTVolnPOSk.O/d=1/rs=AMjVe6ja0nAIgH6c_c5iiLwd4z--Rd4sbg/m=viewer_base IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:54:23 Last Seen2023-03-13 12:31:35 Times Seen1 Hash 827206015f6a532e74783b7a87958ba5 0330078a987b45f98daf19287948039683cb6f98 4977ad0b927923857c9b6d5ae864515763281837e04eae89787176dc54df2875 Loading...

	docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true	200 B	2023-03-07	2024-04-26
Pretty URL docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:08:14 Last Seen2024-04-26 17:10:23 Times Seen327 Hash 818b5f82ffbb05426d0a1411fb995bbc 19586ce5fdbc67a60faebd0e3230de521795f3d1 b30385b82a634c8a242dc54f0b2a6644c8aa8763de6326143ccfafd5420a56af Loading...

	www.saleshandy.com/spam-police/	989 B	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 680db10c87c8b094ee3bfff430dff020 b6281072f8c7b597eeba652bd8b215c45c26b7d7 e9a344e505e773308ab60ccfe56c06bcc5bda815ffeaebf78bb0c4b24603d67a Loading...

	www.saleshandy.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js	12 kB	2023-03-07	2024-04-26
Pretty URL www.saleshandy.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 10:52:39 Times Seen1419 Hash 45943f1d780bd7d9db946bdc5ed14a5a 41a42d3c32fe16108eb653ae903ae1fb86b7e5a8 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d Loading...

	docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true	184 B	2023-03-13	2023-03-13
Pretty URL docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 3aab3b40102fd5bc760ed7cc35a806b0 5e1d4a52081d94b727425825ed2222dc7108659d f9b9881e515ccb1540a900c925f52f1fb349a2d6391d511ccc7d5e78ed8c39cb Loading...

	www.saleshandy.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-13	2024-04-22
Pretty URL www.saleshandy.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:58:24 Last Seen2024-04-22 09:02:15 Times Seen268 Hash 2b53efa536a2ad47262d34fd2f7bd2c8 049122c296371caf2c6a2f5c2904bc00955d9610 e4cb709013e7082e102d1018d3885c0932dfe3b93bcada40c8e646db2a29e5ee Loading...

	www.saleshandy.com/spam-police/	8.3 kB	2023-03-07	2024-04-26
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 21:46:39 Times Seen2058 Hash eb78fac132e7cff1e4556b0ee5be04cf 8c0633f511df47c21639be83c719ae0e1ea26555 163c4d52fb653e1c2463e1a0e397faa297729ad6269b5205b915f3ed4b8b8d8b Loading...

	www.saleshandy.com/spam-police/	1.7 kB	2023-03-07	2024-04-14
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-14 16:04:21 Times Seen431 Hash a0fe609408d246ad7b8e4b97cf257299 e506fb7cf42b400080ab195e688bb6e5c1a9d265 9fa087232ef1e1c40fd5e8eb188ae899fd7b5d00d4adcd1f5e8e48148b972304 Loading...

	http:text/javascript;base64,V2ViRm9udENvbmZpZz17Z29vZ2xlOntmYW1pbGllczpbIkludGVyOndnaHRAMzAwOzQwMDs1MDAiLCJJbnRlcjoxMDAsMTAwaXRhbGljLDIwMCwyMDBpdGFsaWMsMzAwLDMwMGl0YWxpYyw0MDAsNDAwaXRhbGljLDUwMCw1MDBpdGFsaWMsNjAwLDYwMGl0YWxpYyw3MDAsNzAwaXRhbGljLDgwMCw4MDBpdGFsaWMsOTAwLDkwMGl0YWxpYyIsIk1vbnRzZXJyYXQ6MTAwLDEwMGl0YWxpYywyMDAsMjAwaXRhbGljLDMwMCwzMDBpdGFsaWMsNDAwLDQwMGl0YWxpYyw1MDAsNTAwaXRhbGljLDYwMCw2MDBpdGFsaWMsNzAwLDcwMGl0YWxpYyw4MDAsODAwaXRhbGljLDkwMCw5MDBpdGFsaWMmZGlzcGxheT1zd2FwIl19fTtpZih0eXBlb2YgV2ViRm9udD09PSJvYmplY3QiJiZ0eXBlb2YgV2ViRm9udC5sb2FkPT09ImZ1bmN0aW9uIil7V2ViRm9udC5sb2FkKFdlYkZvbnRDb25maWcpfQ==	439 B	2023-03-13	2023-03-13
Pretty URL http:text/javascript;base64,V2ViRm9udENvbmZpZz17Z29vZ2xlOntmYW1pbGllczpbIkludGVyOndnaHRAMzAwOzQwMDs1MDAiLCJJbnRlcjoxMDAsMTAwaXRhbGljLDIwMCwyMDBpdGFsaWMsMzAwLDMwMGl0YWxpYyw0MDAsNDAwaXRhbGljLDUwMCw1MDBpdGFsaWMsNjAwLDYwMGl0YWxpYyw3MDAsNzAwaXRhbGljLDgwMCw4MDBpdGFsaWMsOTAwLDkwMGl0YWxpYyIsIk1vbnRzZXJyYXQ6MTAwLDEwMGl0YWxpYywyMDAsMjAwaXRhbGljLDMwMCwzMDBpdGFsaWMsNDAwLDQwMGl0YWxpYyw1MDAsNTAwaXRhbGljLDYwMCw2MDBpdGFsaWMsNzAwLDcwMGl0YWxpYyw4MDAsODAwaXRhbGljLDkwMCw5MDBpdGFsaWMmZGlzcGxheT1zd2FwIl19fTtpZih0eXBlb2YgV2ViRm9udD09PSJvYmplY3QiJiZ0eXBlb2YgV2ViRm9udC5sb2FkPT09ImZ1bmN0aW9uIil7V2ViRm9udC5sb2FkKFdlYkZvbnRDb25maWcpfQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:01 Times Seen1 Hash 352ccb61d127983c9d40f73a2b8751f0 ab730dba2329a7859a292fdeb9c846921ea463dc e1ecf82791797ea212675067bff4b28a9bf9e16f72a85fe2c9b69b1a47b2a98d Loading...

	www.saleshandy.com/spam-police/	599 B	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:01 Times Seen1 Hash 0f0efc26b33530c2e4a7c2b78e205e4c 0c1df70da94ca7ac512722788e4b2109629eee52 e8c19441f219730201e532446dfaafbe3d5d7b248a7725281126e4dce393432f Loading...

	cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js	52 kB	2023-03-07	2023-11-28
Pretty URL cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js IP 130.211.5.208 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:07 Last Seen2023-11-28 05:12:26 Times Seen204 Hash 2299085ab7c7a3e0dc8e06de7cf433c1 f062a45e0ba2a8aa564755b96328b970981fac09 da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/875623304/?random=1674718983788&cv=11&fst=1674718983788&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&auid=248314411.1674718984&rfmt=3&fmt=4	1.9 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/875623304/?random=1674718983788&cv=11&fst=1674718983788&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&auid=248314411.1674718984&rfmt=3&fmt=4 IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash d7b5198371804605add6daed04baa8ae c48fe403f3a048cb9d8426345eb97ca3a6967d39 92f19384cbaae749c1ad816a9d09751a76f24f9cfd921070c27da24136846780 Loading...

	docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true	184 B	2023-03-13	2023-03-13
Pretty URL docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 5c01f1f0de128966ca61013fbeb83279 c3cccc5595e67c5af1c94b1af4812a7ce6a4d083 eaa66c12040c6fb355c8cfa2f9d2bdcbad88752657bd4b3d9d8302f6eccb43e6 Loading...

	docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true	14 kB	2023-03-13	2023-03-13
Pretty URL docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 343ceff7c033a2fccaaf74146d330856 cf3d83d40818d14974c034b733dd6669f0bf1ca7 3e1c422c855bb8b1c79c9f70331336e8e1477e63a40ec4de59f73a380987c590 Loading...

	www.saleshandy.com/spam-police/	341 B	2023-03-13	2023-03-13
Pretty URL www.saleshandy.com/spam-police/ IP 70.32.23.111 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 12:48:02 Times Seen1 Hash 73a2f332f5aded3cf626772f23e4dc89 a0a6dcaf229859f59832bf9b4398b80727eb0b78 1849e09f849bc1435fbbd99792ad1920e8302454796e0c2ab2a35537ad748b15 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 04:26:38 Times Seen37110677 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.howuku.com/js/track.js	11 kB	2023-03-13	2023-03-13
Pretty URL cdn.howuku.com/js/track.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 07:22:49 Times Seen1 Hash 663b7a2caecb43923d3c012a6fdf853d 1effe0d1a57c351fec5396fab1b2d8859cfc2846 be9f19b9d53f8cb8fbf587e45be7e297bcc8697060648703b81b0d966f268389 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-12	2024-03-30
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:01:01 Last Seen2024-03-30 11:38:49 Times Seen5925 Hash b846c9d158853dd4aa95d3d7407ed8bb 2cf0eb02a22e8bd80d19a50a84593420d777d5db f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Loading...

	www.clarity.ms/eus/s/0.7.1/clarity.js	57 kB	2023-03-09	2023-11-05
Pretty URL www.clarity.ms/eus/s/0.7.1/clarity.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:22:27 Last Seen2023-11-05 22:32:51 Times Seen3 Hash b9b253f431c87fd6d386778bb4f53db8 7e1615b8e242a06e0631ed4e0662cc3fb6487fc6 da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf Loading...

		Size	First Seen	Last Seen
	#1 Eval - fe734579185a7e2dbf2d01412764292c	54 B	2023-03-13	2024-01-29
Pretty Observations First Seen2023-03-13 07:22:49 Last Seen2024-01-29 16:06:01 Times Seen28 Hash fe734579185a7e2dbf2d01412764292c 1b2374e94c77f42ed21341017d2f609e3639fb54 58cfa99d3dc581922c3c8860f7ceb78a5044d7a533a76f9fb6f8a556a91bbb87 Loading...

	#2 Eval - c67e213d9ecbca07b06c6081ee66ccaf	23 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 11:26:03 Times Seen1 Hash c67e213d9ecbca07b06c6081ee66ccaf cf14e2d38f37e4a21b942d6c64603622d182611e 6982ed542097aff4af6baff0a7ac69c8cdbfec303d3909b061429471d0e0c83f Loading...

	#3 Eval - c78c408c0cfa835b71d80eb79af0f5d5	1.0 kB	2023-03-08	2024-04-02
Pretty Observations First Seen2023-03-08 07:43:17 Last Seen2024-04-02 14:58:32 Times Seen73 Hash c78c408c0cfa835b71d80eb79af0f5d5 943917aae14d0ed79a98c2c8dd8fa1c68d2de8e6 bbf1671858b72547e9da98c7385734b3b2f5fa80dc0dfc60fddd958740b683ba Loading...

	#4 Eval - 33b588302e233ce7e773d404f3989b57	574 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:22:49 Last Seen2023-03-13 11:26:03 Times Seen1 Hash 33b588302e233ce7e773d404f3989b57 ade7e06b574bcc4db8445d36889e3601a4e32340 11e8f25dba1c590df1fcfe00bc6444164eb36cf2e72154a803c5f10e7625216c Loading...

HTTP Transactions (129)

URL IP Response Size

tc1.shxtrk.com/

104.21.14.194

301 Moved Permanently

0 B

URL HTTP/1.1
tc1.shxtrk.com/
IP
104.21.14.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: tc1.shxtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 07:43:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 26 Jan 2023 08:43:02 GMT
Location: https://tc1.shxtrk.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZE4AqU9V2dQnQ4z2JjN%2FBLkxxMPb93FGrsEMKq2WOqxq8xpG%2BebNd9sNhKKRkuNn5uQTYxOMnrIsQ8GDNRxveu9mfjH2sby6vLag4zN2MjcyN5ryPylCF5OR4vilQrR1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f79d8ace87b521-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12965
Expires: Thu, 26 Jan 2023 11:19:08 GMT
Date: Thu, 26 Jan 2023 07:43:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2889
Expires: Thu, 26 Jan 2023 08:31:12 GMT
Date: Thu, 26 Jan 2023 07:43:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8263
Expires: Thu, 26 Jan 2023 10:00:46 GMT
Date: Thu, 26 Jan 2023 07:43:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 07:35:16 GMT
content-type: application/json
age: 467
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 9Yuh7uPjr9/YRjD5QyH6SNPCigt396f+cy27qc6yJ6oISs385BPKeLILd2Lo/TxlNhYm6AL/pag=
x-amz-request-id: 4RMTJT490K3XY3WG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 06:48:52 GMT
age: 3251
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 07:43:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8ca66793f36928a6849d19f0558bb5dc
dfc116b4306e7a01514f1d322fc293f91587d5c3
5224e88f751c35cd2e4c80032d1b7df6f8c3744408b3b3a29f84225b0eb1992f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129214
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:03 GMT
Etag: "63d184c5-117"
Expires: Fri, 27 Jan 2023 19:36:37 GMT
Last-Modified: Wed, 25 Jan 2023 19:36:37 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8ca66793f36928a6849d19f0558bb5dc
dfc116b4306e7a01514f1d322fc293f91587d5c3
5224e88f751c35cd2e4c80032d1b7df6f8c3744408b3b3a29f84225b0eb1992f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=129214
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:03 GMT
Etag: "63d184c5-117"
Expires: Fri, 27 Jan 2023 19:36:37 GMT
Last-Modified: Wed, 25 Jan 2023 19:36:37 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 07:41:40 GMT
age: 83
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12166
Expires: Thu, 26 Jan 2023 11:05:49 GMT
Date: Thu, 26 Jan 2023 07:43:03 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.187.102.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.102.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AJT7YXjy4gIqIoZwAUF15Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J+9dMgJxG6rwBQ5NUmI1CBVyPl0=

www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a

70.32.23.111

200 OK

103 kB

URL HTTP/2
www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (103184 bytes)
Hash
40aa0c1247346311b053b103d56584b3
acc3c2dfecc4b6a448fdb2e31149d8099330d26d
ccde98336ca8ac5fdf44b1d596cddda6f0035101c7ccc4983ca6baa580da0a93

HTTP Headers

GET /wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:05 GMT
content-type: text/css
last-modified: Tue, 24 Jan 2023 18:40:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 103184
date: Thu, 26 Jan 2023 07:43:03 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/uploads/2021/12/Saleshandy-logo_default.svg

70.32.23.111

200 OK

1.9 kB

URL HTTP/2
www.saleshandy.com/wp-content/uploads/2021/12/Saleshandy-logo_default.svg
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5191), with no line terminators
Size
1.9 kB (1936 bytes)
Hash
9d545b1129c53ce1d1edafc54c59d4a8
a1eb89b5d5e4f6e5e4e927a5454dd363b11cbcf0
06ec8a09cf6366d23256e25a857bb2f0ac06de8c9e5bd78540bf570afd79cf6e

HTTP Headers

GET /wp-content/uploads/2021/12/Saleshandy-logo_default.svg HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2
expires: Thu, 26 Jan 2023 07:43:05 GMT
content-type: image/svg+xml
last-modified: Sat, 29 Jan 2022 06:27:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1936
date: Thu, 26 Jan 2023 07:43:03 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.saleshandy.com/spam-police/

70.32.23.111

200 OK

21 kB

URL HTTP/2
www.saleshandy.com/spam-police/
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12355)
Size
21 kB (21386 bytes)
Hash
948a73d6725dd8fdf6edaea34d02df02
55d21dac705a8126745f7f1e0f88565a554cfba5
b4c84c15bfce72133d51a0f063c10cd14872409b1516f3ee712cf0363504e55c

HTTP Headers

GET /spam-police/ HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
link: <https://www.saleshandy.com/wp-json/>; rel="https://api.w.org/", <https://www.saleshandy.com/wp-json/wp/v2/pages/11585>; rel="alternate"; type="application/json", <https://www.saleshandy.com/?p=11585>; rel=shortlink
vary: Accept-Encoding
etag: "14085-1674687493;br"
x-litespeed-cache: hit
content-encoding: br
date: Thu, 26 Jan 2023 07:43:03 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/_/freebird/_/js/k=freebird.v.no.zdTVolnPOSk.O/d=1/rs=AMjVe6ja0nAIgH6c_c5iiLwd4z--Rd4sbg/m=viewer_base

142.250.74.35

200 OK

124 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/js/k=freebird.v.no.zdTVolnPOSk.O/d=1/rs=AMjVe6ja0nAIgH6c_c5iiLwd4z--Rd4sbg/m=viewer_base
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1781)
Size
124 kB (123723 bytes)
Hash
405a1fbc0933063005fc0c3864f6a48d
fe2c879fb7b8d7b9cd4b7c6a20c5d645fd2ecd89
81dc70a962e546a1f518d0960fd66eadf70650f009b904a1a2fe63392bc03a08

HTTP Headers

GET /_/freebird/_/js/k=freebird.v.no.zdTVolnPOSk.O/d=1/rs=AMjVe6ja0nAIgH6c_c5iiLwd4z--Rd4sbg/m=viewer_base HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 123723
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 09:03:49 GMT
expires: Sun, 21 Jan 2024 09:03:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Jan 2023 19:23:47 GMT
content-type: text/javascript; charset=UTF-8
age: 427155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/_/freebird/_/ss/k=freebird.v.QYA_KE3mcM4.L.F4.O/d=1/rs=AMjVe6isTIYOULYW3nhT_quTTTe1a6T35w

142.250.74.35

200 OK

92 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/ss/k=freebird.v.QYA_KE3mcM4.L.F4.O/d=1/rs=AMjVe6isTIYOULYW3nhT_quTTTe1a6T35w
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
92 kB (92389 bytes)
Hash
8562528853d7669d8967dc6ab2bd9837
1d42fa123ebe509804bc4dfea37534b8c7dd32c9
7ec924f2a7254d3518f705d81c5d8f8bda61ae881c84c52e8c7c00e99632b7ff

HTTP Headers

GET /_/freebird/_/ss/k=freebird.v.QYA_KE3mcM4.L.F4.O/d=1/rs=AMjVe6isTIYOULYW3nhT_quTTTe1a6T35w HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 92389
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 21:24:02 GMT
expires: Thu, 25 Jan 2024 21:24:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Jan 2023 19:23:47 GMT
content-type: text/css; charset=UTF-8
age: 37142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 43750
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

142.250.74.35

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35060, version 1.0\012- data
Size
35 kB (35060 bytes)
Hash
0360dbc6e8c09dce9183a1fd78f3be2e
6cd4b65a94707ae941d78b12f082c968cb05ec92
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3

HTTP Headers

GET /s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 22:36:40 GMT
expires: Wed, 24 Jan 2024 22:36:40 GMT
cache-control: public, max-age=31536000
age: 119184
last-modified: Tue, 19 Apr 2022 17:57:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

142.250.74.35

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Size
28 kB (28288 bytes)
Hash
53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

HTTP Headers

GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 14:34:21 GMT
expires: Fri, 19 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 580123
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4369
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 07:43:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4369
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 07:43:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4369
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 07:43:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 35663
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

142.250.74.106

200 OK

31 kB

URL HTTP/2
fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
31 kB (30705 bytes)
Hash
3024a31e5011c2223acd4d4acaa278f6
36c5281e9522715f4d0c12e738b4c0dd7f71a918
23304e7aa7880c679fdd4ff5ba4f0633f4c3e6debe72943c6695ae3c7b988273

HTTP Headers

GET /css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 07:43:04 GMT
date: Thu, 26 Jan 2023 07:43:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F733dfbca-7d8b-4f4f-ba0f-4532797efa30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10260 bytes)
Hash
acdc532aa5d43a7d0b77c13c5d0ec2ec
51540c2f99198a366d92c1a0be37392b9d4ecc28
f74cd8d72107cf7bf8919069c2d96e1d8a29330e978c72f032374330beee2020

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F733dfbca-7d8b-4f4f-ba0f-4532797efa30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10260
x-amzn-requestid: b80d09e0-2667-4b84-a180-b3ca997efda5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwiExLIAMFsjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a003-7eecacba4944d6975c317964;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GHYWRBoGxL54wz-UV9sd_fdbBy1GDgWdxqt3RgzXk0yu96i39sDLXA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
etag: "51540c2f99198a366d92c1a0be37392b9d4ecc28"
content-type: image/jpeg
age: 35499
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f3b2cec-c481-45f0-9a3f-1b2524aae46e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10039 bytes)
Hash
df3e17e51228c67116f656ebd07d80d2
3135b1a0597a970913ef6dbe1110f244eddd5cf9
493524ea7aef2fa6c99701fde6ef96e5a05cfa95ff0421ab33fa47a797646404

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f3b2cec-c481-45f0-9a3f-1b2524aae46e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10039
x-amzn-requestid: f7454b15-532e-4224-8f43-a9e085c417d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGngFvtIAMF6Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8496-201fde6e675cfc2d26cd0c62;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:11:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uMUb8tOr-oBignR8ujv5gp-2ycgOCWUsPEmaY_uAEtyuOMNFaeisYg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:48:44 GMT
age: 86061
etag: "3135b1a0597a970913ef6dbe1110f244eddd5cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

70.32.23.111

200 OK

4.6 kB

URL HTTP/2
www.saleshandy.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text, with very long lines (12075), with no line terminators
Size
4.6 kB (4649 bytes)
Hash
9f13b032fc9d1d0bfa22ae268061029d
f907e0109a038b96e82e8d580c58ab4cfac3a638
421e780508d578b9e5944f2a07e656d61533d4626767db8eacae5877b12b0467

HTTP Headers

GET /wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 22:19:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4649
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 546
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8897 bytes)
Hash
8dcb846958865d2b14b540f26c963847
90c1569a936c7922880a04a5882683b1ac85b86f
253e15cc191946fe8c499b0633e95523689bdee6c06579c2953c640168abd7a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8897
x-amzn-requestid: ce231e55-4131-43b5-bec6-f4861a952163
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY_DF03oAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52c-611bceff093006444f7955cb;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7nDjP6udEKuZ9WC-XUCtTWcnO_G1uIfv-4cPlO2fzxa6wz2DDO0faQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:37:31 GMT
age: 334
etag: "90c1569a936c7922880a04a5882683b1ac85b86f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8822 bytes)
Hash
13cd008fb3e2739ec7caadadbd427655
c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1
a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8822
x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwF2KIAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n2ULSpeRMRZ9CDjmrwd56ti_gPYh9ApC521naXURI2Bh1eiKwjyHZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
age: 35499
etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a

70.32.23.111

200 OK

103 kB

URL HTTP/2
www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (103184 bytes)
Hash
40aa0c1247346311b053b103d56584b3
acc3c2dfecc4b6a448fdb2e31149d8099330d26d
ccde98336ca8ac5fdf44b1d596cddda6f0035101c7ccc4983ca6baa580da0a93

HTTP Headers

GET /wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: text/css
last-modified: Tue, 24 Jan 2023 18:40:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 103184
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.saleshandy.com/spam-police/

70.32.23.111

200 OK

45 kB

URL HTTP/2
www.saleshandy.com/spam-police/
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13180)
Size
45 kB (45087 bytes)
Hash
2ed9c055a3458d54c4b67acb426efd49
edd92664573d5b7efb7747d12d752954e6bcad9d
6b3584e64eaf19c23b400f766a3af357c86053a5d275c42e6f9cd3ac5f05c568

HTTP Headers

GET /spam-police/ HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
link: <https://www.saleshandy.com/wp-json/>; rel="https://api.w.org/", <https://www.saleshandy.com/wp-json/wp/v2/pages/11585>; rel="alternate"; type="application/json", <https://www.saleshandy.com/?p=11585>; rel=shortlink
vary: Accept-Encoding
etag: "14055-1674686806;br"
x-litespeed-cache: hit
content-encoding: br
date: Thu, 26 Jan 2023 07:43:04 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/uploads/2021/12/Saleshandy-logo_default.svg

70.32.23.111

200 OK

1.9 kB

URL HTTP/2
www.saleshandy.com/wp-content/uploads/2021/12/Saleshandy-logo_default.svg
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5191), with no line terminators
Size
1.9 kB (1936 bytes)
Hash
9d545b1129c53ce1d1edafc54c59d4a8
a1eb89b5d5e4f6e5e4e927a5454dd363b11cbcf0
06ec8a09cf6366d23256e25a857bb2f0ac06de8c9e5bd78540bf570afd79cf6e

HTTP Headers

GET /wp-content/uploads/2021/12/Saleshandy-logo_default.svg HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: image/svg+xml
last-modified: Sat, 29 Jan 2022 06:27:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1936
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/uploads/2022/01/logo_light.png

70.32.23.111

200 OK

5.7 kB

URL HTTP/2
www.saleshandy.com/wp-content/uploads/2022/01/logo_light.png
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
PNG image data, 404 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5670 bytes)
Hash
4e4f33c5b71631d745f877ed4d0de0ef
0aecde75205b1385211bea927ec3f1f70370effb
46b74b67c1d90196f889414aecdb5e74f2b33d4a6a55f636469083a4a428348f

HTTP Headers

GET /wp-content/uploads/2022/01/logo_light.png HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: image/png
last-modified: Sat, 29 Jan 2022 06:27:49 GMT
accept-ranges: bytes
content-length: 5670
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/themes/saleshandy/images/blue-arrow.svg

70.32.23.111

200 OK

230 B

URL HTTP/2
www.saleshandy.com/wp-content/themes/saleshandy/images/blue-arrow.svg
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (394)
Size
230 B (230 bytes)
Hash
aed3abd3ea73bfe5208a9d02b46345a5
b663a921c0624d539f2cf24fe7e8ab5dbebb72e0
26b682fdc6a67bcae6e4e851a5de9d100801ff997b422924f5291ba9ee6009d0

HTTP Headers

GET /wp-content/themes/saleshandy/images/blue-arrow.svg HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: image/svg+xml
last-modified: Tue, 02 Aug 2022 10:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 230
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.35

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 01:47:10 GMT
expires: Mon, 22 Jan 2024 01:47:10 GMT
cache-control: public, max-age=31536000
age: 366955
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/themes/saleshandy/images/assets_sprite.webp

70.32.23.111

200 OK

17 kB

URL HTTP/2
www.saleshandy.com/wp-content/themes/saleshandy/images/assets_sprite.webp
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
RIFF (little-endian) data, Web/P image\012- data
Size
17 kB (16694 bytes)
Hash
1d3e3b6cb1158acd0ceb4f093e5ab9f0
5a7c24678bbd4040d73074e2bfb26a211f74ee12
27b6d7d0851e5f37b67b6f91d296ac065d45521975672d4c8b6138d679e00699

HTTP Headers

GET /wp-content/themes/saleshandy/images/assets_sprite.webp HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: image/webp
last-modified: Fri, 06 Jan 2023 08:21:15 GMT
accept-ranges: bytes
content-length: 16694
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/themes/saleshandy/images/assets_sprite.png

70.32.23.111

200 OK

26 kB

URL HTTP/2
www.saleshandy.com/wp-content/themes/saleshandy/images/assets_sprite.png
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
PNG image data, 146 x 3400, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25599 bytes)
Hash
a7b5284b571a65f4ca107d78dbd9dc6e
a6e0cc96acbfdb73fb3c058ebb798fbd6a89c8ad
831532c475124b0942dcdc0b71a8c611c3034413bdd2dcd21da421a320ad04ab

HTTP Headers

GET /wp-content/themes/saleshandy/images/assets_sprite.png HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/wp-content/litespeed/css/ed15b13ea22ebb296b41acd6eb661a6f.css?ver=1321a
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: image/png
last-modified: Fri, 06 Jan 2023 08:21:17 GMT
accept-ranges: bytes
content-length: 25599
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK

142.250.74.168

200 OK

90 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (26745)
Size
90 kB (89675 bytes)
Hash
86d637efac634cb854028a56bf794ffb
a5fa5403327132bf2fa23e7e900e96a36f368c76
b979456572bc6d6b3f4a5a3ede79f9d064a8172e8b831dfdddd3ace6ad70e880

HTTP Headers

GET /gtm.js?id=GTM-MGWCQPK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 07:43:05 GMT
expires: Thu, 26 Jan 2023 07:43:05 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/uploads/matomo/matomo.js

70.32.23.111

200 OK

21 kB

URL HTTP/2
www.saleshandy.com/wp-content/uploads/matomo/matomo.js
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (1601)
Size
21 kB (20568 bytes)
Hash
4311aa932b176c523d1764b794aff95c
82b9ba9e4dda86a9330ead37d37f1a9bdb046f0c
a96e005736de25de6ec8e33c2054c75e629a3045314737a5dbb31e460f61bef9

HTTP Headers

GET /wp-content/uploads/matomo/matomo.js HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 18:57:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20568
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.35

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 238474
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 520496
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0799905e6866484aa453464a35b010b5
4ad079647608709f93f4ec46e5dfc35b50e548bc
07054cd467a504156b6ea75c07147a94a2356ba470a25a8cff1e770b7513ea2c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140460
Date: Thu, 26 Jan 2023 07:43:05 GMT
Etag: "63d19b50-1d7"
Expires: Fri, 27 Jan 2023 22:44:05 GMT
Last-Modified: Wed, 25 Jan 2023 21:12:48 GMT
Server: ECS (dcb/7F80)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8XNi_BZeVymO3nq0eyA2FyvtcpUZpUkgfWkas0Kqfl5DAC9ExofC1A==
Age: 5477

www.saleshandy.com/wp-content/plugins/matomo/app/matomo.php?action_name=SalesHandy%20Spam%20Police%20-%20SalesHandy&idsite=1&rec=1&r=273376&h=7&m=43&s=3&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&_id=0f4a04c0aa99faf1&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=sChXej&pf_net=254&pf_srv=117&pf_tfr=115&pf_dm1=634&uadata=%7B%7D

70.32.23.111

204 No Content

0 B

URL HTTP/2
www.saleshandy.com/wp-content/plugins/matomo/app/matomo.php?action_name=SalesHandy%20Spam%20Police%20-%20SalesHandy&idsite=1&rec=1&r=273376&h=7&m=43&s=3&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&_id=0f4a04c0aa99faf1&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=sChXej&pf_net=254&pf_srv=117&pf_tfr=115&pf_dm1=634&uadata=%7B%7D
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /wp-content/plugins/matomo/app/matomo.php?action_name=SalesHandy%20Spam%20Police%20-%20SalesHandy&idsite=1&rec=1&r=273376&h=7&m=43&s=3&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&_id=0f4a04c0aa99faf1&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=sChXej&pf_net=254&pf_srv=117&pf_tfr=115&pf_dm1=634&uadata=%7B%7D HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6; _pk_id.1.be65=0f4a04c0aa99faf1.1674718984.; _pk_ses.1.be65=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
access-control-allow-origin: https://www.saleshandy.com
access-control-allow-credentials: true
x-litespeed-cache-control: no-cache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
date: Thu, 26 Jan 2023 07:43:06 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons+Extended

142.250.74.106

200 OK

44 kB

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons+Extended
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
44 kB (44410 bytes)
Hash
d27c37a5e65d14d579bd5d71224e8978
9ec86e623dd6af7026f5010f2288d85b24cc5d00
859006672ec1b8f73ce0979596fb02096141ee90e7894c827120f048d25c9bec

HTTP Headers

GET /icon?family=Material+Icons+Extended HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 07:43:05 GMT
date: Thu, 26 Jan 2023 07:43:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

216.58.207.206

200 OK

42 kB

URL HTTP/2
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
data
Size
42 kB (42061 bytes)
Hash
d0f0b26ec0daca6fd7cd928e7ef97d06
50cf578847413aca6d466395e3ca3ec73e4f9913
89363ba4d64cc87852c4f897c22562686ab1eac308d2a1fe41434ff3da8d4d14

HTTP Headers

GET /forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 07:43:04 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-FL3zalK3jqaYCmvAeCMaoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=511=S16zNlLswtQzyWOAxCroO1v6J-SJNx_h7R9d36U-ZmtS720e6ZtpLEVqiZpD7GB1a875FwfLtkvNZtnSOYs8GnPJxG-065vy9EX87hEC8BVsptbk0XtcdcEtOYkkIUjR-FBfWa7gQqsyGcAlKwZeXy2k9x7uuhmT4l0q5kiOSJc; expires=Fri, 28-Jul-2023 07:43:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
S=spreadsheet_forms=9nIhBlbalZj4SU38sFSZ-gNahDeMM5iaVNS9NL249VM; Domain=.docs.google.com; Expires=Thu, 26-Jan-2023 08:43:04 GMT; Path=/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw; Secure; HttpOnly; SameSite=none
COMPASS=spreadsheet_forms=CjIACWuJV-44tszHPZTmtfxfMNitplo4aJ8naCThdrBgpTY74UHxtoLVQTvdbUGZTK0isxCY-sieBho0AAlriVezsAnC9-Wvmf7rqM9y-j9XnrBO25YejBeda5snwc0ciEZ4nbIL6XBWF2OOi-Zw4Q==; Domain=.docs.google.com; Expires=Thu, 26-Jan-2023 08:43:04 GMT; Path=/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

142.250.74.106

200 OK

11 kB

URL HTTP/2
fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (10600 bytes)
Hash
52a9fe238ffede0d287baea0d167a25e
bdad5534b6585325b97054bb7a4424d9a0d3638d
d01760aadb012e416beca5ac4d91d55a49886eeedf03a425ed3cc3bfd0670b78

HTTP Headers

GET /css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 07:43:05 GMT
date: Thu, 26 Jan 2023 07:43:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
465082cd416827b66cb80dcc4130f322
c0cd8af0d73831c78863c3faff785ba369862ef2
4bb30a2027b42fdd5c2603e224fd6f35228c22abcedc43535294623d2d2df4c7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164151
Date: Thu, 26 Jan 2023 07:43:06 GMT
Etag: "63d20d41-1d7"
Expires: Sat, 28 Jan 2023 05:18:57 GMT
Last-Modified: Thu, 26 Jan 2023 05:18:57 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CBs3JMDiRSdeS4vRbiB4zgqTnSZphY-E1U1pFFOltFnsIVplg4biHw==

ssl.gstatic.com/docs/forms/qp_sprite169.svg

142.250.74.131

200 OK

12 kB

URL HTTP/2
ssl.gstatic.com/docs/forms/qp_sprite169.svg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1745)
Size
12 kB (11828 bytes)
Hash
923de45e500c9f8ea1ba859231f86a0c
e96c9945233b4cf4bfcd42da3b2b58003fa26b13
002885e8dde288618c68dc6ddf6a55992547acc5670221dab313ba6c90590566

HTTP Headers

GET /docs/forms/qp_sprite169.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 11828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 01:09:19 GMT
expires: Thu, 25 Jan 2024 01:09:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Jan 2023 19:38:00 GMT
content-type: image/svg+xml
age: 110027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.segment.com/v1/projects/DY2AnAvl9M85q9NEi9Bizyw5amtFuK2Z/settings

54.230.219.201

200 OK

546 B

URL HTTP/2
cdn.segment.com/v1/projects/DY2AnAvl9M85q9NEi9Bizyw5amtFuK2Z/settings
IP
54.230.219.201:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (546), with no line terminators
Size
546 B (546 bytes)
Hash
6ccad117b19301c52bf4b8a25fe0dcb2
8da254a590d2b225fe8d5b32af5986e65ab9ed02
3e514a3c0abcf81f976273df0df7bc5dfcab06f337bd57fff4bf03df3a953843

HTTP Headers

GET /v1/projects/DY2AnAvl9M85q9NEi9Bizyw5amtFuK2Z/settings HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 546
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Apr 2022 13:30:23 GMT
x-amz-version-id: 0TTIXVka5t_zUSj_ywqZtcFfiHXElB36
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 07:43:06 GMT
cache-control: public, max-age=10800
etag: "6ccad117b19301c52bf4b8a25fe0dcb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h0aOabphTpCEVLuA2LHxplMq6uEoWaMsUp3CnX0JAUiSZg-shVBkEw==
age: 1262
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/litespeed/js/79600e2e884e2748e180b8276e6513e1.js?ver=1321a

70.32.23.111

200 OK

503 B

URL HTTP/2
www.saleshandy.com/wp-content/litespeed/js/79600e2e884e2748e180b8276e6513e1.js?ver=1321a
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
data
Size
503 B (503 bytes)
Hash
c6029b4a95736b8478d8550451cda492
64db927750d5597e85061a00058cd4469af801d7
7315bc0c3e81c06518e661e0e5fe4c8281cc557798c0559d5c0c73a9f4cb1eca

HTTP Headers

GET /wp-content/litespeed/js/79600e2e884e2748e180b8276e6513e1.js?ver=1321a HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 22:29:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 156893
date: Thu, 26 Jan 2023 07:43:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c6029b4a95736b8478d8550451cda492
64db927750d5597e85061a00058cd4469af801d7
7315bc0c3e81c06518e661e0e5fe4c8281cc557798c0559d5c0c73a9f4cb1eca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7315BC0C3E81C06518E661E0E5FE4C8281CC557798C0559D5C0C73A9F4CB1ECA"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2922
Expires: Thu, 26 Jan 2023 08:31:48 GMT
Date: Thu, 26 Jan 2023 07:43:06 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

216.58.207.206

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 07:41:08 GMT
expires: Thu, 26 Jan 2023 09:41:08 GMT
cache-control: public, max-age=7200
age: 118
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/gtm/optimize.js?id=GTM-PF9MQGQ

216.58.207.206

200 OK

47 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=GTM-PF9MQGQ
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
47 kB (47150 bytes)
Hash
f2ceb603ecd84c88077875352d89f55c
e3d334e2350d6b898507d5fae291de6789a9b7c4
9850d3aa78c2a09fe31159e6f8d3df1ac853b71e4da39590e6eff896768a712a

HTTP Headers

GET /gtm/optimize.js?id=GTM-PF9MQGQ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 07:43:06 GMT
expires: Thu, 26 Jan 2023 07:43:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

4.8 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (13351)
Size
4.8 kB (4777 bytes)
Hash
74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=23990
date: Thu, 26 Jan 2023 07:43:06 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
352baf7c800961bb35c67a62a8cf4076
4a9c4af023f754116db9af79d750b1e82a9e17c0
af7b30a6b18021a4aed36cd1bc352176b5b417ebefb395c355323231dfff8490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:06 GMT
Last-Modified: Thu, 26 Jan 2023 06:00:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js

130.211.5.208

200 OK

17 kB

URL HTTP/2
cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
IP
130.211.5.208:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (755)
Size
17 kB (17435 bytes)
Hash
caa762087e9d75cecc34b5d6626cb7b9
fcc68d485c2f42e0f880260c3e104cedf50d0d11
dc0ec55efae4c1f0ff095cf05133cc835e1cc4ff7906d3b7a2d0d86789bfe145

HTTP Headers

GET /libs/mixpanel-2-latest.min.js HTTP/1.1
Host: cdn4.mxpnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ADPycdud2atFhYeH3guX7d88-NyadwqJAVBIMnrty84jh6FmzApmuFGDpzJ0ANllAX9BXitL_vOnFOdySLbNKPvbD04Y9A
vary: Accept-Encoding
x-goog-generation: 1645129310876382
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
content-encoding: gzip
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 17435
access-control-allow-origin: *
server: UploadServer
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
date: Thu, 26 Jan 2023 07:33:22 GMT
expires: Thu, 26 Jan 2023 07:43:22 GMT
cache-control: public,max-age=600
age: 584
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
etag: "caa762087e9d75cecc34b5d6626cb7b9"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/875623304/?random=1674718983788&cv=11&fst=1674718983788&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&auid=248314411.1674718984&rfmt=3&fmt=4

216.58.207.194

200 OK

878 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/875623304/?random=1674718983788&cv=11&fst=1674718983788&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&auid=248314411.1674718984&rfmt=3&fmt=4
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1857), with no line terminators
Size
878 B (878 bytes)
Hash
c62d914a33426ab65eff477d020548a8
4805bc8a174f13a518d89a60744af8e8db0f567c
2ba1c5313ac76651e2651119b0061baa68e554f940decbbb2310eefce04a1642

HTTP Headers

GET /pagead/viewthroughconversion/875623304/?random=1674718983788&cv=11&fst=1674718983788&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&auid=248314411.1674718984&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 07:43:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 878
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 07:58:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
352baf7c800961bb35c67a62a8cf4076
4a9c4af023f754116db9af79d750b1e82a9e17c0
af7b30a6b18021a4aed36cd1bc352176b5b417ebefb395c355323231dfff8490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:06 GMT
Last-Modified: Thu, 26 Jan 2023 06:00:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

www.saleshandy.com/wp-content/uploads/2021/07/Vector.png

70.32.23.111

200 OK

307 B

URL HTTP/2
www.saleshandy.com/wp-content/uploads/2021/07/Vector.png
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
PNG image data, 20 x 20, 4-bit colormap, non-interlaced\012- data
Size
307 B (307 bytes)
Hash
31c3eadd18e1df7a88f1329462354a09
7b2b67c6ed38ff147da163a5ade58cc1e9826033
f19398099f6afa84728d4da80c79b579011d29f4ccfa5f34b47d50c660f00de0

HTTP Headers

GET /wp-content/uploads/2021/07/Vector.png HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6; _pk_id.1.be65=0f4a04c0aa99faf1.1674718984.; _pk_ses.1.be65=1; _gcl_au=1.1.248314411.1674718984; shreferer=; sh_ulp=https://www.saleshandy.com/spam-police/; _gd1674718983951=_gd1674718983951; poll_session_seen=[]; _gd1674718983952=_gd1674718983952; howuku_session=KYykPlO2; _gd1674718983953=_gd1674718983953; pageview=1; _gd1674718983954=_gd1674718983954; unique_session=1; _gd1674718983955=_gd1674718983955; first_session=KYykPlO2; _gd1674718983956=_gd1674718983956; _gd1674718983957=_gd1674718983957; created_at=1674718983957; _ga_65VZV193TN=GS1.1.1674718984.1.0.1674718984.0.0.0; _ga=GA1.1.1711991510.1674718984; _ga_X6HKQ79V48=GS1.1.1674718984.1.0.1674718984.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:43:08 GMT
content-type: image/png
last-modified: Sat, 29 Jan 2022 06:27:50 GMT
accept-ranges: bytes
content-length: 307
date: Thu, 26 Jan 2023 07:43:06 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.saleshandy.com/wp-content/uploads/2021/07/Vector.png

70.32.23.111

200 OK

307 B

URL HTTP/2
www.saleshandy.com/wp-content/uploads/2021/07/Vector.png
IP
70.32.23.111:0
ASN
#55293 A2HOSTING

File type
PNG image data, 20 x 20, 4-bit colormap, non-interlaced\012- data
Size
307 B (307 bytes)
Hash
31c3eadd18e1df7a88f1329462354a09
7b2b67c6ed38ff147da163a5ade58cc1e9826033
f19398099f6afa84728d4da80c79b579011d29f4ccfa5f34b47d50c660f00de0

HTTP Headers

GET /wp-content/uploads/2021/07/Vector.png HTTP/1.1
Host: www.saleshandy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/spam-police/
Cookie: _lscache_vary=340e60d720032216978e758e1e974bf6; _pk_id.1.be65=0f4a04c0aa99faf1.1674718984.; _pk_ses.1.be65=1; _gcl_au=1.1.248314411.1674718984; shreferer=; sh_ulp=https://www.saleshandy.com/spam-police/; _gd1674718983951=_gd1674718983951; poll_session_seen=[]; _gd1674718983952=_gd1674718983952; howuku_session=KYykPlO2; _gd1674718983953=_gd1674718983953; pageview=1; _gd1674718983954=_gd1674718983954; unique_session=1; _gd1674718983955=_gd1674718983955; first_session=KYykPlO2; _gd1674718983956=_gd1674718983956; _gd1674718983957=_gd1674718983957; created_at=1674718983957; _ga_65VZV193TN=GS1.1.1674718984.1.0.1674718984.0.0.0; _ga=GA1.1.1711991510.1674718984; _ga_X6HKQ79V48=GS1.1.1674718984.1.0.1674718984.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800, public
expires: Thu, 26 Jan 2023 07:37:17 GMT
content-type: image/png
last-modified: Sat, 29 Jan 2022 06:27:50 GMT
accept-ranges: bytes
content-length: 307
date: Thu, 26 Jan 2023 07:37:15 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/naLogImpressions

216.58.207.206

204 No Content

0 B

URL HTTP/2
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/naLogImpressions
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/naLogImpressions HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
X-Same-Domain: 1
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3324
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 07:43:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-M3miS45slmNDH8_sCyzitw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
server: GSE
set-cookie: NID=511=LWS419GzW8il3xJ9qReytmqhuxIhl97hr9L7W82KJPgvQWiycO5K8isY0FPn8e1Grp15WhlLF_MkiSyLsP4aAWssfWdmlckVdSRS6t4TXA9Hq14WKD2fGYGsKtJnLMoo2VBYq0xrY8RzA1upKk5kC4VnOesM5zF7hBGC5SBkQL4; expires=Fri, 28-Jul-2023 07:43:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-65VZV193TN&gtm=2oe1p0&_p=365878356&cid=1711991510.1674718984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674718984&sct=1&seg=0&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-65VZV193TN&gtm=2oe1p0&_p=365878356&cid=1711991510.1674718984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674718984&sct=1&seg=0&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-65VZV193TN&gtm=2oe1p0&_p=365878356&cid=1711991510.1674718984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674718984&sct=1&seg=0&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.saleshandy.com
date: Thu, 26 Jan 2023 07:43:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-X6HKQ79V48&gtm=2oe1p0&_p=365878356&cid=1711991510.1674718984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674718984&sct=1&seg=0&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&en=page_view&_fv=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-X6HKQ79V48&gtm=2oe1p0&_p=365878356&cid=1711991510.1674718984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674718984&sct=1&seg=0&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&en=page_view&_fv=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-X6HKQ79V48&gtm=2oe1p0&_p=365878356&cid=1711991510.1674718984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674718984&sct=1&seg=0&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://www.saleshandy.com
date: Thu, 26 Jan 2023 07:43:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.howuku.com/widget/init/zb2omn9LYogwWYkpNeDEl8

54.179.116.115

200 OK

7.0 kB

URL HTTP/1.1
api.howuku.com/widget/init/zb2omn9LYogwWYkpNeDEl8
IP
54.179.116.115:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
7.0 kB (6977 bytes)
Hash
cf6154303899deb2c078900f3a2e4acf
008ca3871b7ea97774f4be8ad40e9a8278ece4ad
afa19ecbaa5cdc4400e4a56bb442d9fc1ded1100dc49087833c9b54ba3beeb0c

HTTP Headers

OPTIONS /widget/init/zb2omn9LYogwWYkpNeDEl8 HTTP/1.1
Host: api.howuku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 26 Jan 2023 07:43:06 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 3600000

api.howuku.com/widget/test

54.179.116.115

200 OK

0 B

URL HTTP/1.1
api.howuku.com/widget/test
IP
54.179.116.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /widget/test HTTP/1.1
Host: api.howuku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 26 Jan 2023 07:43:06 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 3600000

www.clarity.ms/tag/ads865x4qt?ref=gtm2

13.107.238.53

200 OK

1.4 kB

URL HTTP/2
www.clarity.ms/tag/ads865x4qt?ref=gtm2
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.4 kB (1428 bytes)
Hash
af53e123d7066eedec186dec2b9f45b6
2a5c9f01c17e368e8b3eb0d55d30dd138d530962
9e76bdab86d31e817dcebdeb81224984475b3d85a49ccea05c925c9fe08b1da3

HTTP Headers

GET /tag/ads865x4qt?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=ec9f40e69ecc466492430b40a314cff2.20230126.20240126; expires=Fri, 26 Jan 2024 07:43:06 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0Ci/SYwAAAAAhe0FA3nqwTJhiUGIdRRXWQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 26 Jan 2023 07:43:06 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/875623304/?random=1674718983788&cv=11&fst=1674716400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&fmt=3&is_vtc=1&random=3951795481&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/875623304/?random=1674718983788&cv=11&fst=1674716400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&fmt=3&is_vtc=1&random=3951795481&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/875623304/?random=1674718983788&cv=11&fst=1674716400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&fmt=3&is_vtc=1&random=3951795481&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 07:43:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/875623304/?random=1674718983788&cv=11&fst=1674716400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&fmt=3&is_vtc=1&random=3951795481&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/875623304/?random=1674718983788&cv=11&fst=1674716400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&fmt=3&is_vtc=1&random=3951795481&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/875623304/?random=1674718983788&cv=11&fst=1674716400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&fmt=3&is_vtc=1&random=3951795481&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 07:43:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D310290%26time%3D1674718984628%26url%3Dhttps%253A%252F%252Fwww.saleshandy.com%252Fspam-police%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIjvXt1-E7nSwAAAYXtB8M8W04n5FIMo1q6tvHabXGW7UkFMj5fulvHRgremm6Mt1EGRUqMQnLnbA; Max-Age=2592000; Expires=Sat, 25 Feb 2023 07:43:07 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLL8JzOQbKSMAAAAYXtB8M9UsEpycChvpNIJkJ4Hc9gh5f6v7SIMShTTjYhik66nUzoy1i0HuN0CZFasaP8OQ; Max-Age=2592000; Expires=Sat, 25 Feb 2023 07:43:07 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&07b03053-4cfc-4e03-8cd6-0cf463207b50"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 07:43:07 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2477:u=1:x=1:i=1674718987:t=1674805387:v=2:sig=AQHtz0b9V9mKSeGA7MrNiVwpPzSPB2_b"; Expires=Fri, 27 Jan 2023 07:43:07 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzJeZSkhj4wB/jyWodLg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B09CD6452B4B4B7CA01D8105E2DD46F3 Ref B: OSL30EDGE0507 Ref C: 2023-01-26T07:43:07Z
date: Thu, 26 Jan 2023 07:43:06 GMT
content-length: 0
X-Firefox-Spdy: h2

api.howuku.com/widget/init/zb2omn9LYogwWYkpNeDEl8

54.179.116.115

200 OK

2 B

URL HTTP/1.1
api.howuku.com/widget/init/zb2omn9LYogwWYkpNeDEl8
IP
54.179.116.115:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /widget/init/zb2omn9LYogwWYkpNeDEl8 HTTP/1.1
Host: api.howuku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 244
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 26 Jan 2023 07:43:07 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"

www.clarity.ms/eus/s/0.7.1/clarity.js

13.107.238.53

200 OK

45 kB

URL HTTP/2
www.clarity.ms/eus/s/0.7.1/clarity.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (56646)
Size
45 kB (44947 bytes)
Hash
e1dd26503f377d4ac2dba0d5231c2fa3
97be8d4e052fcdd53e4bffe462be996b0b1f4909
0930e5b0c433d7c1780e4ff18801d5096c061774ad1e7def9b25f6949a62dab8

HTTP Headers

GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d928dd7500799e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0AHnRYwAAAADR+mh6y2voRoO7Cojxa9CaRlJBMjMxMDUwNDE4MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0Ci/SYwAAAAAwGwa8LY+vRpjpHXgzqp3ZQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 26 Jan 2023 07:43:06 GMT
X-Firefox-Spdy: h2

docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/font/getmetadata

216.58.207.206

200 OK

158 kB

URL HTTP/2
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/font/getmetadata
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
data
Size
158 kB (158210 bytes)
Hash
ab02e10e2e2f736f192449dc326282ff
6c282e898aec0b1f2c2750ccea78af33306f4b8c
078d08049ec1d0efb3d5173088ae5c6af01d1ad8fdb442deafa96ce88525c2fc

HTTP Headers

POST /forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/font/getmetadata HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
X-Same-Domain: 1
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 246
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 07:43:06 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=511=QglcAh82YzKw3lkA4VmPvETf2A7OZuPJW0n00K1VxQnGwfwzxbPjHc7w-klXzaGkz8yFYTjmyDFJJNhadrf5Ho4UIBFmpDTjGWWPRi3JevZBx3UmDRgrj_bH_bAYRhmSDrzJhmmwsL8FqiJDMbPeZW0V69jWTYclwKMHOx1Cplk; expires=Fri, 28-Jul-2023 07:43:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.howuku.com/widget/test

54.179.116.115

200 OK

2 B

URL HTTP/1.1
api.howuku.com/widget/test
IP
54.179.116.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /widget/test HTTP/1.1
Host: api.howuku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 55
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 26 Jan 2023 07:43:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 07:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.linkedin.oribi.io/partner/310290/domain/saleshandy.com/token

54.230.111.78

200 OK

40 kB

URL HTTP/2
cdn.linkedin.oribi.io/partner/310290/domain/saleshandy.com/token
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
data
Size
40 kB (39926 bytes)
Hash
1b472780685bd6dd3b5bc090d0091dee
d3fe2e80d926b29712ba8a1d064bb7b333de6e1f
a926aa5ae3e534ddb855c42ca60fd0696aede7c999e5605bb7d28941dc80038a

HTTP Headers

GET /partner/310290/domain/saleshandy.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
date: Thu, 26 Jan 2023 07:10:33 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SyetxA0CdMFizRCC_5OGmOaVqM5AKB1m0PutiSw4Jm6g6d_0MUK-DA==
age: 1954
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
94f97228cd18293cfbe31a5bce2868fa
73b2f9a9370d6662eca625a736d2db169086b3de
6c79bea6a66b7a850b80f5d9b3d5127225cd7d7c748b76c3d68b13ab2f51f056

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95682
Date: Thu, 26 Jan 2023 07:43:07 GMT
Etag: "63d0efe1-1d7"
Expires: Fri, 27 Jan 2023 10:17:49 GMT
Last-Modified: Wed, 25 Jan 2023 09:01:21 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NWHhz-GBpNdNpJjz0xlhH1xqPPLRaqhIeCzdli6-pKnLkRxoMBYAlg==
Age: 4588

api.howuku.com/widget/cookie

54.179.116.115

200 OK

0 B

URL HTTP/1.1
api.howuku.com/widget/cookie
IP
54.179.116.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /widget/cookie HTTP/1.1
Host: api.howuku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 26 Jan 2023 07:43:07 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 3600000

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D310290%26time%3D1674718984628%26url%3Dhttps%253A%252F%252Fwww.saleshandy.com%252Fspam-police%252F%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D310290%26time%3D1674718984628%26url%3Dhttps%253A%252F%252Fwww.saleshandy.com%252Fspam-police%252F%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D310290%26time%3D1674718984628%26url%3Dhttps%253A%252F%252Fwww.saleshandy.com%252Fspam-police%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saleshandy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&c7bc2450-543a-42d0-8fd0-5c3433f848fd"; Domain=.linkedin.com; Expires=Fri, 26-Jan-2024 07:43:07 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230126074307e3123881-71e0-436d-8157-edee02b874e0AQHlaQZci39CQZ-ocxqkeL2OJca7sjx8"; Domain=.www.linkedin.com; Expires=Fri, 26-Jan-2024 07:43:07 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQ3MTg5ODc7MjswMjEyifXCV4ZR/uRhFYeeJ/Ny5pzaCSwoNDKdgx0P+8qrsQ==; Domain=.linkedin.com; Expires=Tue, 25 Jul 2023 07:43:07 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2450:u=1:x=1:i=1674718987:t=1674805387:v=2:sig=AQHLYQFpHkJ4BEZgzqs0lvUeNGS7VBrX"; Expires=Fri, 27 Jan 2023 07:43:07 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzJeZZbgyquJDd38lqkw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B2313A2CF285416F97C769714A5D6DC5 Ref B: OSL30EDGE0507 Ref C: 2023-01-26T07:43:07Z
date: Thu, 26 Jan 2023 07:43:07 GMT
content-length: 0
X-Firefox-Spdy: h2

api.segment.io/v1/p

52.26.96.136

200 OK

21 B

URL HTTP/2
api.segment.io/v1/p
IP
52.26.96.136:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
21 B (21 bytes)
Hash
90749a50019a27e1f32cebdbaa7a1bc1
8329e3339f928f8591024bb0f938dab99c0ad4b8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

HTTP Headers

POST /v1/p HTTP/1.1
Host: api.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saleshandy.com/
Content-Type: text/plain
Origin: https://www.saleshandy.com
Content-Length: 839
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 26 Jan 2023 07:43:07 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: https://www.saleshandy.com
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=310290&time=1674718984628&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saleshandy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&75dc9cf9-81d0-43ca-8284-0bab12774c03"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 07:43:07 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2477:u=1:x=1:i=1674718987:t=1674805387:v=2:sig=AQHtz0b9V9mKSeGA7MrNiVwpPzSPB2_b"; Expires=Fri, 27 Jan 2023 07:43:07 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzJeZbqj3SbrbQdLyu/w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 77CB8C115E47465DAB97A80D4317C181 Ref B: OSL30EDGE0507 Ref C: 2023-01-26T07:43:07Z
date: Thu, 26 Jan 2023 07:43:07 GMT
content-length: 0
X-Firefox-Spdy: h2

api.howuku.com/widget/cookie

54.179.116.115

200 OK

2 B

URL HTTP/1.1
api.howuku.com/widget/cookie
IP
54.179.116.115:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /widget/cookie HTTP/1.1
Host: api.howuku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 158
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 26 Jan 2023 07:43:07 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"

d.clarity.ms/collect

40.76.174.66

204 No Content

0 B

URL HTTP/2
d.clarity.ms/collect
IP
40.76.174.66:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 536
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.saleshandy.com
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 07:43:06 GMT
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&RedC=c.clarity.ms&MXFR=17DED96477866E401AADCBC173866066
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=17DED96477866E401AADCBC173866066; domain=.clarity.ms; expires=Tue, 20-Feb-2024 07:43:07 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 26 Jan 2023 07:43:06 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&RedC=c.clarity.ms&MXFR=17DED96477866E401AADCBC173866066

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&RedC=c.clarity.ms&MXFR=17DED96477866E401AADCBC173866066
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&RedC=c.clarity.ms&MXFR=17DED96477866E401AADCBC173866066 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saleshandy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&MUID=12FCD0BCAB936F613826C219AA666E3B
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=12FCD0BCAB936F613826C219AA666E3B; domain=c.bing.com; expires=Tue, 20-Feb-2024 07:43:07 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 729CD5AE656B496D83D43446A0830E4A Ref B: OSL30EDGE0205 Ref C: 2023-01-26T07:43:07Z
date: Thu, 26 Jan 2023 07:43:07 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&MUID=12FCD0BCAB936F613826C219AA666E3B

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&MUID=12FCD0BCAB936F613826C219AA666E3B
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=00A9A4143B9E4491A711CC20B6E21CEE&MUID=12FCD0BCAB936F613826C219AA666E3B HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saleshandy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 26-Jan-2023 07:53:08 GMT; path=/; SameSite=None; Secure;
date: Thu, 26 Jan 2023 07:43:07 GMT
content-length: 42
X-Firefox-Spdy: h2

d.clarity.ms/collect

40.76.174.66

204 No Content

0 B

URL HTTP/2
d.clarity.ms/collect
IP
40.76.174.66:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 55030
Origin: https://www.saleshandy.com
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.saleshandy.com
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 07:43:07 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Inter:wght@300;400;500%7CInter:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Inter:wght@300;400;500%7CInter:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Inter:wght@300;400;500%7CInter:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 07:43:05 GMT
date: Thu, 26 Jan 2023 07:43:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 07:43:05 GMT
date: Thu, 26 Jan 2023 07:43:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tc1.shxtrk.com/

172.67.204.98

302 Found

0 B

URL HTTP/2
tc1.shxtrk.com/
IP
172.67.204.98:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: tc1.shxtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 26 Jan 2023 07:43:03 GMT
location: https://www.saleshandy.com/spam-police/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfEGz7YUeLIFAPu63qorr85pdpKKAGacoLJLC3b9Jy%2BaMRYP93w%2For7lv72uDd3%2FP%2BBg9R%2FD1A3gwq3DdC41dPw2O4lfNM1b3XPI4WgwoRS9TpXesvas8ksfAIJj8Xa%2FzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f79d8dba8db4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 07:43:04 GMT
date: Thu, 26 Jan 2023 07:43:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

216.58.207.206

200 OK

0 B

URL HTTP/2
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saleshandy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 07:43:05 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-4R6j3CMcVNTtp-x1eF217w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=511=k4eED-BS0aSKIWt-jJkgDjiBlCNVSbfydqRMSUOf5t8XeCrsjJaIUrZohSe3_moZM7fjueG27L1t5uT01WYeiM1AISXgzVpmf6SFxK-WqwCLSIYAlNLq7H3Nxgo1HU7YyCgH6Ps4ivrVpJrBwQuSyQh5aKRMuhu5NONnqGVDCt0; expires=Fri, 28-Jul-2023 07:43:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
S=spreadsheet_forms=9nIhBlbalZj4SU38sFSZ-gNahDeMM5iaVNS9NL249VM; Domain=.docs.google.com; Expires=Thu, 26-Jan-2023 08:43:05 GMT; Path=/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw; Secure; HttpOnly; SameSite=none
COMPASS=spreadsheet_forms=CjIACWuJV-44tszHPZTmtfxfMNitplo4aJ8naCThdrBgpTY74UHxtoLVQTvdbUGZTK0isxCZ-sieBho0AAlriVezsAnC9-Wvmf7rqM9y-j9XnrBO25YejBeda5snwc0ciEZ4nbIL6XBWF2OOi-Zw4Q==; Domain=.docs.google.com; Expires=Thu, 26-Jan-2023 08:43:05 GMT; Path=/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML