Submitted URL: https://handdii.us.mcas.ms/
Effective URL: https://handdii.us/
Submission: On December 01 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 1 country across 7 domains to perform 32 HTTP transactions. The main IP is 18.160.46.16, located in United States and belongs to AMAZON-02, US. The main domain is handdii.us.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 30th 2023. Valid for: a year.
This is the only time handdii.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.168.249.164 8075 (MICROSOFT...)
3 2620:1ec:bdf::38 8075 (MICROSOFT...)
15 18.160.46.16 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 151.101.192.176 54113 (FASTLY)
1 34.120.195.249 396982 (GOOGLE-CL...)
3 54.187.119.242 16509 (AMAZON-02)
1 34.215.46.190 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
32 9
Apex Domain | Subdomains | Transfer
15 handdii.us | handdii.us | 735 KB
7 stripe.com | js.stripe.com — Cisco Umbrella Rank: 1282; q.stripe.com — Cisco Umbrella Rank: 7730; m.stripe.com — Cisco Umbrella Rank: 1245 | 159 KB
4 mcas.ms | handdii.us.mcas.ms; mcasproxy.cdn.mcas.ms — Cisco Umbrella Rank: 46707 | 32 KB
2 gstatic.com | fonts.gstatic.com | 32 KB
2 stripe.network | m.stripe.network — Cisco Umbrella Rank: 1361 | 16 KB
1 sentry.io | o293258.ingest.sentry.io | 364 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 1 KB
32 7
Domain Requested by
15 handdii.us handdii.us
3 q.stripe.com handdii.us.mcas.ms
3 js.stripe.com handdii.us
js.stripe.com
3 mcasproxy.cdn.mcas.ms handdii.us.mcas.ms
mcasproxy.cdn.mcas.ms
2 fonts.gstatic.com fonts.googleapis.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 o293258.ingest.sentry.io handdii.us
1 fonts.googleapis.com handdii.us
1 handdii.us.mcas.ms
32 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.us.mcas.ms | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-13 - 2024-09-07 | a year
mcasproxy.cdn.mcas.ms | Microsoft Azure RSA TLS Issuing CA 04 | 2023-10-17 - 2024-10-11 | a year
handdii.us | Amazon RSA 2048 M03 | 2023-11-30 - 2024-12-28 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2023-10-30 - 2024-01-25 | 3 months
ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-02 - 2024-12-02 | a year
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-10-09 - 2024-01-18 | 3 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-10-05 - 2024-01-18 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 4 frames:

Primary Page: https://handdii.us/
Frame ID: B686B9A99B75B1F05498349462970AD6
Requests: 22 HTTP requests in this frame

Frame: https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/html/session-context-restore.html
Frame ID: B97D89D031E7B41538EECCC564871030
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: ACDC4D56222ADB9E16444C2606F7359C
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 706DD58EA15C41C09090AC503CD96FE9
Requests: 4 HTTP requests in this frame

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

32
Requests

100 %
HTTPS

33 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

976 kB
Transfer

2959 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://handdii.us.mcas.ms/ Page URL
  2. https://handdii.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
handdii.us.mcas.ms/
1 KB
882 B
Document
General
Full URL
https://handdii.us.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.168.249.164 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
1f497a60d29d9afa8f3b5d94129e15c425cfefc1dc88c38efce20524d0678fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 11:02:27 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
3
x-mcas-request-id
529f9523e27dd5e6920776b5b3c85bf9
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/js/
13 KB
4 KB
Script
General
Full URL
https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/js/session-context-store-helper.min.js
Requested by
Host: handdii.us.mcas.ms
URL: https://handdii.us.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7bedf305584b902887ff5e38e0f80ee07bb9848670f69487657eb167020eb14b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us.mcas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 11:02:27 GMT
content-encoding
br
last-modified
Tue, 07 Nov 2023 08:27:06 GMT
vary
Accept-Encoding
x-azure-ref
20231201T110227Z-cs3hke9z392570q1x0chagfknw0000000r1g00000000yp55
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
892394f9-d01e-001f-204d-186a01000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
session-context-restore.html
mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/html/ Frame B97D
209 B
696 B
Document
General
Full URL
https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/html/session-context-restore.html
Requested by
Host: mcasproxy.cdn.mcas.ms
URL: https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer
https://handdii.us.mcas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
content-length
209
content-type
text/html
date
Fri, 01 Dec 2023 11:02:27 GMT
etag
0x8DBDF6B5F649327
last-modified
Tue, 07 Nov 2023 08:27:25 GMT
x-azure-ref
20231201T110227Z-cs3hke9z392570q1x0chagfknw0000000r1g00000000yp5d
x-cache
TCP_HIT
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
04dc9734-e01e-0004-466f-17ff34000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/js/ Frame B97D
78 KB
27 KB
Script
General
Full URL
https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/js/session-context-restore.min.js
Requested by
Host: mcasproxy.cdn.mcas.ms
URL: https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/html/session-context-restore.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2fedbd1c22175a9bd3e082f324984e605669819ddab557d8166b1c010b63a782

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mcasproxy.cdn.mcas.ms/proxyweb/1.45.7/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 11:02:27 GMT
content-encoding
br
last-modified
Tue, 07 Nov 2023 08:27:06 GMT
vary
Accept-Encoding
x-azure-ref
20231201T110227Z-cs3hke9z392570q1x0chagfknw0000000r1g00000000yp5m
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e0e8b58d-d01e-000f-70fa-17da23000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
Primary Request /
handdii.us/
6 KB
4 KB
Document
General
Full URL
https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b6f41505f004a00c88793881cae8521d1f6d71c086c77bd906f874fa28b26b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handdii.us.mcas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
4265
content-encoding
br
content-type
text/html
date
Fri, 01 Dec 2023 11:02:28 GMT
etag
W/"e7a3d06fe30c2910e628bfce25a5066e"
last-modified
Thu, 30 Nov 2023 08:40:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-amz-cf-id
R8fo6W3-XYpTh7sdf2QXw7p2qiPPOwmDRfwZ6MdvzlG2nJhjUT98Iw==
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
index.e5b6befc.js
handdii.us/assets/
1 MB
408 KB
Script
General
Full URL
https://handdii.us/assets/index.e5b6befc.js
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
909dcb2dd00a2fd4f4574a4eb02f90a74e7929b7752034a990e0d273487f81ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handdii.us/?
Origin
https://handdii.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:49:26 GMT
content-encoding
gzip
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
7087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 Nov 2023 08:40:21 GMT
server
AmazonS3
etag
W/"c8b0b244f57f7f2cf42ed25d80d1d2b3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
RsL-iXxbIm49Qa7DOot5pjtlBfebyqJHXisyHvkZLZ8L78GBmNVBVA==
react.718e36bb.js
handdii.us/assets/
129 KB
42 KB
Script
General
Full URL
https://handdii.us/assets/react.718e36bb.js
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389c7474296d94b91cb5f5d9279eec87d61c477201dff64d2cf8e49cbb46cd06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://handdii.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:05:58 GMT
content-encoding
gzip
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
57391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 Nov 2023 08:40:21 GMT
server
AmazonS3
etag
W/"dda70a095ad2206da5aa568782a5d7cc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
TO2DcEYifj1EFahbmpNXzenhF2hEHBYRCt9Lf1SilsB73fS4-M9T3w==
sentry.35ab451f.js
handdii.us/assets/
109 KB
32 KB
Script
General
Full URL
https://handdii.us/assets/sentry.35ab451f.js
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7792f549f8e2d33db84bca60ed029de2f75e9cd3199e3245098ff13e02e4b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://handdii.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:31:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
63037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"e9b79d8cd0e0ab206dc4b9b160e1d327"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
HokFGdQ65kkNV17PRHp9GlDysv2d9_wB7WoF41bHNwLjCH3x7nkpmg==
apollo.6480e667.js
handdii.us/assets/
140 KB
42 KB
Script
General
Full URL
https://handdii.us/assets/apollo.6480e667.js
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ab624a9e443375ac170e3e7bb8b8c6295dd3d58be72285595b4d0e8c72f877e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://handdii.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:05:58 GMT
content-encoding
gzip
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
57391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 Nov 2023 08:40:20 GMT
server
AmazonS3
etag
W/"06d084bc83639db036dddf383fe36eb8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
4U-rXro4FLOL2YW4bc8M-HPHPwgKy3zxU3uUWPcTrdnj4GQaM7kZWQ==
index.bf20159d.css
handdii.us/assets/
30 KB
7 KB
Stylesheet
General
Full URL
https://handdii.us/assets/index.bf20159d.css
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
775c0e691d22636cb97049e6e8a77c8467771c788074245fda4acdc6947aed29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"36993c2963f29d5ca6b147927550158d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
x-amz-cf-id
QfvMTZzXD0VHpD-q8IFeoo_WiGVHI5x0UVY6hxHawVYkpS0CVz267A==
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Requested by
Host: handdii.us
URL: https://handdii.us/assets/index.bf20159d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76c4a29c038d93d06508970744618b834ae41c0606bf05a08f53dd5f3871e212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 11:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 09:34:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 11:02:28 GMT
v3
js.stripe.com/
560 KB
155 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: handdii.us
URL: https://handdii.us/assets/index.e5b6befc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
aa5b7d455b609e53a68508609259a6d20342b2ce20f47f4abee38e513060eefc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 11:02:29 GMT
via
1.1 varnish
age
56
x-cache
HIT
content-length
158212
x-request-id
6616a70c-558a-4bcb-9483-5a093a02fa4b
x-served-by
cache-mia-kmia1760077-MIA
last-modified
Thu, 30 Nov 2023 22:48:03 GMT
server
Fastly
etag
"50e37c0acb791e8dd5bd945768f58f27"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
logo.7ad50b9e.svg
handdii.us/assets/
39 KB
24 KB
Image
General
Full URL
https://handdii.us/assets/logo.7ad50b9e.svg
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ad50b9ee8ff44b6b1a857b99a2de05b1a61be6901747f9f20ba50955a059879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"a7ca96b22dc406cf99aa8370fc2b4ed9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
0lxP9jRA7-RcJxWGWSiPLcEIeqr0l1OhwG7CZoKUE5LXQHRo1fNg4A==
onboarding-step-1.de67ad04.svg
handdii.us/assets/
36 KB
15 KB
Image
General
Full URL
https://handdii.us/assets/onboarding-step-1.de67ad04.svg
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de67ad0417f8c4dff33824065a87533cac96ae03588b4a2627cbcfa5326df206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"33f940501e739f4860f65fbb901de340"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
xqJDlOCBUwmzLgO7fsns98U6GEJ6Ib3gwQkGgsfUqbIpeqrZqew4fA==
onboarding-step-2.73998de1.svg
handdii.us/assets/
13 KB
6 KB
Image
General
Full URL
https://handdii.us/assets/onboarding-step-2.73998de1.svg
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73998de1c61fc69155b7536d96db9a19e1994e37a04d3e290a64eb827d8313f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:31:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
63038
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"78de8e2ae138ab7668a55c1512d5148b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
iwdImFgr63KybZDWfN3sEpdZ5hNzbX1xHj6feBN_G8m4Ep7tHHWwsQ==
onboarding-step-4.1989f957.svg
handdii.us/assets/
44 KB
18 KB
Image
General
Full URL
https://handdii.us/assets/onboarding-step-4.1989f957.svg
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1989f957f6164dbdd8b8082769b59e7717cedc66af2edf5d0534aa2c30bfacb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"df2c0254de58e025bf66f04cf5ced679"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
i_gmDMNBh98zYFmT0z_4Bkojf41XtOo5mJRppQfPFBiW9YvW1SKdrA==
time-slot.45e8ff49.svg
handdii.us/assets/
41 KB
18 KB
Image
General
Full URL
https://handdii.us/assets/time-slot.45e8ff49.svg
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45e8ff49cfaf0e8053065dc041018d8f6d544dd777feb57c38bc7cca84974d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:41:23 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
37267
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 Nov 2023 08:40:21 GMT
server
AmazonS3
etag
W/"200d965fb71d1bb52942e545de703adb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
kHxUoACSiP-SsFBMhfs4P9kpREo5YVEO8msrN3BYU48q_xzhwFaccQ==
payment-success.52f919ee.svg
handdii.us/assets/
9 KB
4 KB
Image
General
Full URL
https://handdii.us/assets/payment-success.52f919ee.svg
Requested by
Host: handdii.us
URL: https://handdii.us/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52f919eecc7b271718dcb31c5615115ba05ebaf9f957cc91e155a00b4329c0c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"45a8a1438dae630f476e91ac85059ae1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
miIViUSy0OlQ8x6igNM27IML303_idhPcSmFZitAWReBIPO6HP_95g==
/
o293258.ingest.sentry.io/api/5806630/envelope/
41 B
364 B
Fetch
General
Full URL
https://o293258.ingest.sentry.io/api/5806630/envelope/?sentry_key=a36470e4ccab49249d291ddbb2e56d36&sentry_version=7
Requested by
Host: handdii.us
URL: https://handdii.us/assets/sentry.35ab451f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f35e9ef1ddad2682124e74eacb19e4de8c201f03d319c342de758a4fcf982bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://handdii.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Dec 2023 11:02:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
splash-bg.bb97db87.svg
handdii.us/assets/
120 KB
90 KB
Image
General
Full URL
https://handdii.us/assets/splash-bg.bb97db87.svg
Requested by
Host: handdii.us
URL: https://handdii.us/assets/index.bf20159d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb97db877b521d0f721d28a327e7ee83332fbd175a05331ad3f6414281a57bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/assets/index.bf20159d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 15:00:04 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
72146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"3e805162dec3f0491b2c46a99600b395"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
5Y9uvLl6d2P7qHWbjB6uuTqN9Zs8xhWnL-LcJAZqccAx-t-KvUQwmw==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame ACDC
200 B
818 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://handdii.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3895944
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 11:02:29 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
741694
x-content-type-options
nosniff
x-request-id
0825f0de-2a63-4b3e-8965-8157d0fff01a
x-served-by
cache-mia-kmia1760077-MIA
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame ACDC
631 B
533 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 11:02:29 GMT
via
1.1 varnish
age
2594077
x-cache
HIT
content-length
399
x-request-id
abe10733-e8ab-4071-9d3d-188723e5b641
x-served-by
cache-mia-kmia1760077-MIA
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
691245
csp-report
q.stripe.com/ Frame ACDC
0
717 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: handdii.us.mcas.ms
URL: https://handdii.us.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 01 Dec 2023 11:02:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701428549504814
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701428549504271
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame ACDC
0
718 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: handdii.us.mcas.ms
URL: https://handdii.us.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 01 Dec 2023 11:02:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701428549504552
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701428549504206
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 706D
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
241
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 11:02:29 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
80
x-content-type-options
nosniff
x-request-id
3a9b251e-ba5a-459b-a8a4-07900f8d8d58
x-served-by
cache-mia-kmia1760077-MIA
x-timer
S1701428549.257993,VS0,VE0
csp-report
q.stripe.com/ Frame 706D
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: handdii.us.mcas.ms
URL: https://handdii.us.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 01 Dec 2023 11:02:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701428549504661
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1701428549504271
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 706D
87 KB
15 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 01 Dec 2023 11:02:29 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
159
x-cache
HIT
content-length
15509
x-request-id
a6dc5a17-b45a-48eb-9f65-c2293511a59d
x-served-by
cache-mia-kmia1760077-MIA
server
Fastly
x-timer
S1701428549.290928,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
46
6
m.stripe.com/ Frame 706D
156 B
670 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.46.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-46-190.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
88d994143fa1899679baecdfe621374ec23aaf4ed6e972f37473f197a1669bae
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Fri, 01 Dec 2023 11:02:29 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701428549641384
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1701428549641044
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
logo.7ad50b9e.svg
handdii.us/assets/
39 KB
24 KB
Image
General
Full URL
https://handdii.us/assets/logo.7ad50b9e.svg
Requested by
Host: handdii.us
URL: https://handdii.us/assets/react.718e36bb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ad50b9ee8ff44b6b1a857b99a2de05b1a61be6901747f9f20ba50955a059879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:52 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41019
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"a7ca96b22dc406cf99aa8370fc2b4ed9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
yfSFuL8IvKH8lSoopey58nEwIUudPr_wHTRed1-HlKgSxoqQjmIYhA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://handdii.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:28:36 GMT
x-content-type-options
nosniff
age
246834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 14:28:36 GMT
icon-forward.9f4e9b0d.svg
handdii.us/assets/
1 KB
1 KB
Image
General
Full URL
https://handdii.us/assets/icon-forward.9f4e9b0d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-16.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f4e9b0d2a7694953633fa1d7a21a92e788cf78e3a835b79ceffeaf367ecdb3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://handdii.us/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:38:55 GMT
content-encoding
br
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P2
age
41018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Nov 2023 04:49:02 GMT
server
AmazonS3
etag
W/"04ed0bd7b637628017f9e4c38f91a3cf"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
KCHEKIChQ9Wp5W514-J0nbR74Km_hUVFKMc3Svt_gBo56Sw-GDPZdQ==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://handdii.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:30:03 GMT
x-content-type-options
nosniff
age
37949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 00:30:03 GMT


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| __SENTRY__
object| global
object| __twilioVideoImportedModules
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| webpackChunkStripeJSouter
function| noop
function| Stripe

3 Cookies

Domain/Path | Name | Value
m.stripe.com/ | m | b65cf71e-99ff-43ea-95c1-5ac5da083c4bb8fb66
.handdii.us/ | __stripe_mid | e0cf8932-4305-49ea-99af-ec2beced30c4c08138
.handdii.us/ | __stripe_sid | 6632a5d0-1b23-4a66-bf14-d17a9ac67bce7adbf1

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
