www.saleshandy.com Open in urlscan Pro
104.26.11.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tc4.shqtrk.com/
Effective URL:
https://www.saleshandy.com/spam-police/
Submission: On September 16 via api (September 16th 2021, 2:50:33 am UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 65 HTTP transactions. The main IP is 104.26.11.176, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.saleshandy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.

This is the only time www.saleshandy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.21.52.221 104.21.52.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.26.11.176 104.26.11.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
3	18.66.97.7 18.66.97.7	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
10	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
3	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
6	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2.18.234.132 2.18.234.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
2	74.125.140.156 74.125.140.156	15169 (GOOGLE) (GOOGLE)
1 2	108.174.11.69 108.174.11.69	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
9	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
3	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
3	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
65	20

2 104.21.52.221 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tc4.shqtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.26.11.176 (United States)

ASN13335 (CLOUDFLARENET, US)

www.saleshandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.7 (United States)

ASN16509 (AMAZON-02, US)

img.saleshandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-132.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.69 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	591 KB
14	saleshandy.com www.saleshandy.com img.saleshandy.com	638 KB
6	google-analytics.com www.google-analytics.com	60 KB
6	googleapis.com translate.googleapis.com fonts.googleapis.com	98 KB
6	google.com translate.google.com docs.google.com Failed www.google.com	34 KB
3	google.de www.google.de	783 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	googletagmanager.com www.googletagmanager.com	151 KB
2	shqtrk.com 2 redirects tc4.shqtrk.com	1 KB
1	mxpnl.com cdn4.mxpnl.com	25 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
65	13

	Domain	Requested by
11	www.saleshandy.com	www.saleshandy.com
9	www.gstatic.com	www.saleshandy.com translate.googleapis.com docs.google.com www.gstatic.com
9	fonts.gstatic.com	www.saleshandy.com fonts.googleapis.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.saleshandy.com
3	fonts.googleapis.com	docs.google.com
3	www.google.de	www.saleshandy.com
3	www.google.com	www.saleshandy.com
3	translate.googleapis.com	translate.google.com translate.googleapis.com
3	img.saleshandy.com	www.saleshandy.com
3	www.googletagmanager.com	www.saleshandy.com www.googletagmanager.com
2	px.ads.linkedin.com	1 redirects www.saleshandy.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	docs.google.com	www.saleshandy.com www.gstatic.com
2	tc4.shqtrk.com	2 redirects
1	ssl.gstatic.com	www.gstatic.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	cdn4.mxpnl.com	www.saleshandy.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	translate.google.com	www.saleshandy.com
65	21

This site contains links to these domains. Also see Links.

Domain
app.saleshandy.com
ikigai.co.in
help.saleshandy.com
translate.google.com
www.facebook.com
www.linkedin.com
www.youtube.com
twitter.com
chrome.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
img.saleshandy.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.saleshandy.com/spam-police/
Frame ID: B8AE1B361940CCF47C35DA0D6B394936
Requests: 54 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
Frame ID: E01070E2CC6468E5452F995AC2A0EE44
Requests: 1 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
Frame ID: 808FB8DC88DDD0BA5D4D96463DE713E4
Requests: 16 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5CCFAC4743039911BB71F9D0616CE0D2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SalesHandy Spam Police - SalesHandy

Page URL History Show full URLs

http://tc4.shqtrk.com/ HTTP 301
https://tc4.shqtrk.com/ HTTP 302
https://www.saleshandy.com/spam-police/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

1620 kB
Transfer

5407 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://app.saleshandy.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://ikigai.co.in/careers

Search URL Search Domain Scan URL

URL: https://help.saleshandy.com/
Title: Support & Knowledge Base

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/saleshandy/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/saleshandy

Search URL Search Domain Scan URL

URL: https://www.youtube.com/saleshandy

Search URL Search Domain Scan URL

URL: https://twitter.com/saleshandy

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/email-tracking-scheduling/acfmebaomboldplijdpfepofggkocgnl
Title: 20,000+ users

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tc4.shqtrk.com/ HTTP 301
https://tc4.shqtrk.com/ HTTP 302
https://www.saleshandy.com/spam-police/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1631760628648&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D310290%26time%3D1631760628648%26url%3Dhttps%253A%252F%252Fwww.saleshandy.com%252Fspam-police%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1631760628648&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true

65 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.saleshandy.com/spam-police/
Redirect Chain

http://tc4.shqtrk.com/
https://tc4.shqtrk.com/
https://www.saleshandy.com/spam-police/

80 KB
34 KB

89ms
29ms

Document
text/html

104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64fca8b43e75ba746109c07477a79aae42fa868fa17fbdc7ec07a6dd64457c4

Request headers

:method: GET
:authority: www.saleshandy.com
:scheme: https
:path: /spam-police/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-type: text/html; charset=UTF-8
cf-ray: 68f6c9966ad64107-PRG
age: 3
cache-control: max-age=14400
last-modified: Thu, 16 Sep 2021 02:50:25 GMT
link: <https://www.saleshandy.com/wp-json/>; rel="https://api.w.org/", <https://www.saleshandy.com/wp-json/wp/v2/pages/20755>; rel="alternate"; type="application/json", <https://www.saleshandy.com/?p=20755>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-cache-enabled: False
x-httpd: 1
x-pingback: https://www.saleshandy.com/xmlrpc.php
x-proxy-cache: MISS
x-proxy-cache-info: W NC:000000 UP:
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOdvpIMOuKKgHz6XtOJh18coP2Y50MYtB6Im1m1gbmF6KJ9GiyLviCi6ywn7vk5tilBzdNg1jbOAvv2ryNYFdn0taEjlkbYXhbnOzXpgtVDeEQMO7OpvejcFKXww0FXBtBSZQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

Redirect headers

date: Thu, 16 Sep 2021 02:50:28 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://www.saleshandy.com/spam-police/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=824noMHzNjewGXyeRwWuNwAkr8W51Mn1HdFmxXLIjl8mtalT%2Fan4sLjaIyLAphDPh4bpR3GMQgc6LhG%2FWY5WwswFWyRoZHDIsbYFbkhRnASinUT75xRD65uTRuXclvJklA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68f6c995e8836997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
www.saleshandy.com/wp-content/plugins/tilt-js_composer/assets/lib/bower/font-awesome/fonts/ 75 KB
76 KB 23ms
22ms Font
font/woff2 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-content/plugins/tilt-js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/plugins/tilt-js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://www.saleshandy.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.saleshandy.com/spam-police/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 77160
last-modified: Thu, 07 Mar 2019 07:43:21 GMT
server: cloudflare
etag: "5c80cb99-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbSrVfffmxoMQ9QfiGWFVSV0kuqpIvDUr3x96Lm7CkfRSY8UPt6jTcxkC7zb5Dp6nfwPWIFIgMjzLR4l2JDHFqvTqSw07ApC3ceyEjhLoQZOJoHdya9uuKO0eOHPgvlb2UEjPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68f6c996baee4107-PRG
expires: Fri, 16 Sep 2022 02:50:26 GMT

GET
H2 200 ult-silk.woff
www.saleshandy.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/fonts/ 2 KB
3 KB 38ms
38ms Font
font/woff 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/fonts/ult-silk.woff
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8641a749b56f41be6413bb213410f8e3d3f5056211cfe3e3c8c294a3dbbfddce

Request headers

:path: /wp-content/plugins/Ultimate_VC_Addons/assets/css/fonts/ult-silk.woff
pragma: no-cache
origin: https://www.saleshandy.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.saleshandy.com/spam-police/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 827501
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2504
last-modified: Sun, 25 Jul 2021 01:28:13 GMT
server: cloudflare
etag: "60fcbe2d-9c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WwvDHSqrXQ9a7putNP7%2FtcDLt7IywWb4FlT%2BXLTMtTNyb2i2c36GpR0pTC45CKSe27DTU5MnbhWfjqlK9lz48dqmKpKFLrnqS%2BHVdmkXBhzPc2VSZvCC8OyxxKpTJO%2FUCeftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68f6c996baf04107-PRG
expires: Tue, 06 Sep 2022 12:58:47 GMT

GET
H2 200 siteground-optimizer-combined-css-70e19f44baa70f6874ca42a76837c583.css
www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/ 1 MB
176 KB 38ms
38ms Stylesheet
text/css 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-70e19f44baa70f6874ca42a76837c583.css
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb96ba0c2081ddbea1d1c78d3940f020d0a2e2353b20f808b895daa93aad36a

Request headers

:path: /wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-70e19f44baa70f6874ca42a76837c583.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31980
cf-polished: origSize=1487009
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 15 Sep 2021 01:31:37 GMT
server: cloudflare
etag: W/"61414cf9-16b0a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXZnCt2i4g8E9y2VNaXRVTeQiA9W7cYkNu4hZUNNIhEhzXIBRQOIdDqMG5CnBUciDG8k0AB7T%2FmnRpq1Tw4vS1KuPgFXUHa2X61Mo0fiNNdwE1qavS2urwq%2F3%2FHY%2FQ%2BD1QU6NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Thu, 15 Sep 2022 17:57:28 GMT
cache-control: max-age=31536000
cf-ray: 68f6c996baf24107-PRG
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
www.saleshandy.com/wp-includes/js/jquery/ 87 KB
32 KB 37ms
37ms Script
application/javascript 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146013
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 23 Jul 2021 12:22:36 GMT
server: cloudflare
etag: W/"60fab48c-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwYzaiYPFUO0YoEnRgfLhDmAWbCMWC9IxyqzaJEksPc1zqFq7BJSGXwknb0RKkGbCjTN1xcovTM0evix%2B%2BK8PVQbSosCVKwflM66nlAxeEBZggENLosmGYGvkFhP2llzjjl%2BxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 68f6c996baf34107-PRG
expires: Wed, 14 Sep 2022 10:16:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
40 KB 45ms
19ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-69187250-1

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0c5e7caaab2d658bd64866eb2a1b09a3d64abb767db8d3d0b725493f461d9e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40335
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:14:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H/1.1 200
OK shwhiteopt.png
img.saleshandy.com/wp-content/uploads/20170228093112/ 1 KB
2 KB 77ms
8ms Image
image/png 18.66.97.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.saleshandy.com/wp-content/uploads/20170228093112/shwhiteopt.png
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d3d58c2221a28dfe7db176699282da2db784c7f81e1a70b15711b25ade3e40d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 08 Feb 2021 02:58:55 GMT
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 28 Feb 2017 09:31:13 GMT
Server: AmazonS3
Age: 19007494
ETag: "a49782214ba120fc0bbdd88abe7e78d8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 1169
X-Amz-Cf-Id: xfeueUS8n03yGfm2ggA5FTvfDGJMebu4mLUyWqKHKILpeNUvYfSCcg==
Expires: Wed, 28 Feb 2018 09:31:12 GMT

GET
H/1.1 200
OK shblackopt.png
img.saleshandy.com/wp-content/uploads/20170228093110/ 1 KB
2 KB 79ms
7ms Image
image/png 18.66.97.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.saleshandy.com/wp-content/uploads/20170228093110/shblackopt.png
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b613af23c50c0c1e36115361538eda8a15262519eb957acad1650d6d231773a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 06:47:13 GMT
Via: 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 28 Feb 2017 09:31:11 GMT
Server: AmazonS3
Age: 18907396
ETag: "4f57c5752308ce0bddee12df9c680860"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 1169
X-Amz-Cf-Id: z308vCLdhy_B6PaqctYgccs45FZOL-BQjsxr5jc4aOATkVmsy9N0AQ==
Expires: Wed, 28 Feb 2018 09:31:10 GMT

GET
H2 200 email-decode.min.js Show response
www.saleshandy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
18ms Script
application/javascript 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.saleshandy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL5EQ%2FVE%2BSJiaFnQZN93aZJntGG9Z1NLYOlXvGV7LBxvLirocQf1P2wnGV%2BFMlvR4ROeQEO2kjJyr1H76BSdOhpRO97hjD%2Fri9a8hd3fPRCGI1GcgUt%2B1f6PsySNj93kcPwrSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f6c9971b144107-PRG
vary: Accept-Encoding
expires: Sat, 18 Sep 2021 02:50:28 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 66ms
26ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

HTTP server (unknown) /

Resource Hash

d4d379e17ad0b0949eabea3c41dbab1a01be1c251e370dbd4d71281b219ff7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: de
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3854
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.saleshandy.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 24ms
22ms Script
application/javascript 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146013
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 23 Jul 2021 12:22:36 GMT
server: cloudflare
etag: W/"60fab48c-4056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3xXr3dZ6TtjZm9N6EvA2CsYbFr%2Beg2oVWF6m%2F3xsQV8DXhyUAsfwCVWukuMjxWM%2BNc8Qo1zZx5izqMBkyC5MQqB9DFFBod%2Bts5QQeamHFnNPmt7cBTFnqMns23on4sAVsi7yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 68f6c9975b284107-PRG
expires: Wed, 14 Sep 2022 10:16:55 GMT

GET
H2 200 collars-js.min.js Show response
www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/ 20 KB
7 KB 25ms
23ms Script
application/javascript 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/collars-js.min.js
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4511e5339e4d20d1083788e236f4349468988a91db04c8686a3836fc9269b36e

Request headers

:path: /wp-content/uploads/siteground-optimizer-assets/collars-js.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 827500
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Sun, 08 Aug 2021 01:29:28 GMT
server: cloudflare
etag: W/"610f3378-4efc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F87wnjKk%2Fwj8vjxPzj2e6rX4n0EUSiNe7nAxbzlLXflwmLQKhuTlb2lxcO4iohUN97%2FQq6ydxVgXvdkAE7est%2BJsFWusRs32kRpszC6VYCLWeS9UsMukzSwWOSqRQJFOtTCa9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 68f6c9975b294107-PRG
expires: Tue, 06 Sep 2022 12:58:47 GMT

GET
H2 200 siteground-optimizer-combined-js-5e539b464db6cece7f569afa61930f06.js Show response
www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/ 755 KB
200 KB 33ms
32ms Script
application/javascript 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-5e539b464db6cece7f569afa61930f06.js
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b044a15287498272aa81ba31bcd5bfbaafe62d0406b883c238fb212a099752fd

Request headers

:path: /wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-5e539b464db6cece7f569afa61930f06.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31979
cf-polished: origSize=788225
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 15 Sep 2021 01:31:37 GMT
server: cloudflare
etag: W/"61414cf9-c0701"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VlTUpfwSF6GJxAn0SY%2FJiX4Jnmy70di6eWbDMH8mR8Rs0X8Xvy1un7h0PQdZApY5g3kJo8s%2BR5pnZjVh5CVeb6vgNyvtAwRZZU1VgoFos64ftvJfwCqtQ82S47E%2FVz%2FNdxEXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Thu, 15 Sep 2022 17:57:29 GMT
cache-control: max-age=31536000
cf-ray: 68f6c9975b2a4107-PRG
cf-bgj: minify

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
61 KB 58ms
32ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

86bc2baadc5f6672285d6ac2efa152d17edba95d1fec8180204f93e29507259e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62757
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:14:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET viewform
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/ Frame E010 0
0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad2e2288c560d76ad0ee9f4fd7f5f002599e023f84bbfeac0e247a580dbbcdce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK legalSHv1.png
img.saleshandy.com/wp-content/uploads/20180525104348/ 88 KB
88 KB 66ms
8ms Image
image/png 18.66.97.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.saleshandy.com/wp-content/uploads/20180525104348/legalSHv1.png
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad8df61e30761b4d6f14434d187a8c58bf03140f1ca6c36804fa60adcdf1df4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:40:29 GMT
Via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 10:43:49 GMT
Server: AmazonS3
Age: 9900600
ETag: "8e40ba524b1a9fe7f9bf6c5c8a7150fd"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 89978
X-Amz-Cf-Id: RImGTZ_WX8rAWVB9E0jGx5Xg61IJLw_0F_JCJijisIpDtN-uxNftsQ==
Expires: Sat, 25 May 2019 10:43:48 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50e.ttf
fonts.gstatic.com/s/opensans/v23/ 39 KB
25 KB 29ms
7ms Font
font/ttf 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFW50e.ttf

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

bd1744ac02f6cc79ec5ca769795455e2603e09498629838e8cf899e8f8d1c974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24978
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 13:22:15 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOXOhs.ttf
fonts.gstatic.com/s/opensans/v23/ 41 KB
25 KB 35ms
13ms Font
font/ttf 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOXOhs.ttf

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

9f26e85051636ef2146d070b58b46dbcd1bda3ae7c2c2dec4423935c9d67ef58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25947
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:14 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 23:14:59 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOXOhs.ttf
fonts.gstatic.com/s/opensans/v23/ 40 KB
25 KB 42ms
20ms Font
font/ttf 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOXOhs.ttf

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

fee9c8144628d6de9cb6ed26ab82286961724fa1d847240562e889186bf4c58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 18:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25835
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Sep 2022 18:00:11 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOXOhs.ttf
fonts.gstatic.com/s/opensans/v23/ 41 KB
26 KB 39ms
16ms Font
font/ttf 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOXOhs.ttf

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

3b51846e943d639442df6bad1557c02e74a2e879747148552b1149ea0af277a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 17:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:24:03 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 17:57:15 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 28ms
7ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Sep 2021 03:28:58 GMT

GET
H2 200 main_de.js Show response
translate.googleapis.com/translate_static/js/element/ 7 KB
3 KB 28ms
7ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main_de.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2431
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 03:05:29 GMT

GET
DATA 200
OK truncated
/ 763 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a5254493fa3104bef3a1bbc32c3c76d0a584faa29a8edc0ef18ea70d036ac1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 904 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cbe6afc433cd38258ea9369ffdd9d943f0b0bcd561259f884faa783dfb265d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1008 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62cf2cfeb14a51973ea07405ee925aad958c6bdbfc6887ff0272545e3b78e8a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb5b77055b72987ac358b53d90925e002b60c440585ef7ace76660b349a665e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3797306b2371d81a91896a332c80f656acc4fc6f1dbd1c2e32d765d244fefae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69187250-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 7108
date: Thu, 16 Sep 2021 00:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 16 Sep 2021 02:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 24ms
24ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6HKQ79V48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69187250-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

98896a9cd0d27f873ff1ddd2a65484a1e71e55d4902291d408647e7a879d1c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51077
x-xss-protection: 0
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 49ms
27ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14042
x-xss-protection: 0
server: cafe
etag: 5157641309300231189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 23ms
7ms Script
application/x-javascript 2.18.234.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGWCQPK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 02:50:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=79527
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 75 KB
25 KB 35ms
6ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:47:32 GMT
content-encoding: gzip
age: 176
x-guploader-uploadid: ADPycdt3xR_ckvrpZ71Us9UVWSFfIudh8uTJW6JLIq6hzqgWxEVD9RWpQ02S0WXdI2Z_PSXEUfshR_mO86c58r_n3H-l65guIQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:21:54 GMT
server: UploadServer
etag: "765779983eed1c9fc2821b4507eea08b"
vary: Accept-Encoding
x-goog-hash: crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation: 1611858114590219
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 16 Sep 2021 02:57:32 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.saleshandy.com/wp-includes/js/ 18 KB
5 KB 21ms
21ms Script
application/javascript 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-5e539b464db6cece7f569afa61930f06.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js
pragma: no-cache
cookie: shreferer=; sh_ulp=https://www.saleshandy.com/spam-police/
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146012
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 23 Jul 2021 12:22:36 GMT
server: cloudflare
etag: W/"60fab48c-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zZu9GC7FUVuOR%2BQIy9TIwrv%2FX6qBFyeHgNpoT7AYaxkL9h8SFnsnx2eJ4C4Z6vV4l%2BIYazCV88iJv6ZYP%2FMCNimYwaDPPXGA%2B%2BYpKfTdmfJ6qWti%2B0mWA7HEq67jdX6ATUgOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 68f6c9982b774107-PRG
expires: Wed, 14 Sep 2022 10:16:56 GMT

GET
H2 200 viewform Show response
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/ Frame 808F 117 KB
29 KB 275ms
275ms Document
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

GSE /

Resource Hash

2de5d04afdc0749f1e38ac0249527bb5291a1e4fc53d661e7ca84555960d9c71

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-xx7ibvl2+AxCYiohs1/QxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.google.com
:scheme: https
:path: /forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.saleshandy.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/

Response headers

content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-xx7ibvl2+AxCYiohs1/QxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=511=ABh92tF7Ktxu4nJ-3G-CVhE9FRsM675s-4egNpBaC6l5UZ8P0LQND0qekUFLo-rhWirpU0HhVAtsPh4UyUQpexwEO_H_avIS9w2EELQ6HLBNF21OgNPVoHiIbsWOFwklROwrEJvhNw1jASliLQ1lFDxOxJRgcvXZmctam6Eojpw; expires=Fri, 18-Mar-2022 02:50:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none S=spreadsheet_forms=JYlO2Zc4BP4nwZgCFQ_nLhie1hKNAkFUzTK7Y0L1SBA; Domain=.docs.google.com; Expires=Thu, 16-Sep-2021 03:50:28 GMT; Path=/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cp-popup-style.min.css
www.saleshandy.com/wp-content/plugins/convertpro/assets/modules/css/ 32 KB
6 KB 23ms
22ms Stylesheet
text/css 104.26.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saleshandy.com/wp-content/plugins/convertpro/assets/modules/css/cp-popup-style.min.css
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-5e539b464db6cece7f569afa61930f06.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b9089197219024da317d4b576177cd5a16f20bca1f20b521387957db5449da

Request headers

:path: /wp-content/plugins/convertpro/assets/modules/css/cp-popup-style.min.css
pragma: no-cache
cookie: shreferer=; sh_ulp=https://www.saleshandy.com/spam-police/
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.saleshandy.com
referer: https://www.saleshandy.com/spam-police/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/spam-police/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146012
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 27 Aug 2021 01:29:00 GMT
server: cloudflare
etag: W/"61283fdc-81ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGsExoHdWozoRW8%2BbzsU%2FDW9qdAdt3FaKndDdlW%2F5zpYbVEqOv1YAHaaW1amsr%2BYlWUsvuJrYhn%2BNCYD3EbL6f4lV%2BcCkNPo9%2FVlywE2fw5oUoNIA3vtyLW4uJ%2Foc1f5hnkvtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 68f6c9989ba54107-PRG
expires: Wed, 14 Sep 2022 10:16:56 GMT

GET
H3 200 mem5YaGs126MiZpBA-UN_r8OXOhs.ttf
fonts.gstatic.com/s/opensans/v23/ 40 KB
25 KB 36ms
14ms Font
font/ttf 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OXOhs.ttf

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

c57edb1f040ce3ff4cce38ecb69982c8eca501dcaae6df050f7ab64bd6fc87bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.saleshandy.com/
Origin: https://www.saleshandy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 22:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25649
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 22:09:39 GMT

GET
H3 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 22ms
7ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 13:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 13:28:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1810368204&t=pageview&_s=1&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&ul=en-us&de=UTF-8&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUADRAAAAC~&jid=1344919136&gjid=606244415&cid=139597746.1631760629&tid=UA-69187250-1&_gid=92957962.1631760629&_r=1&gtm=2ou9f0&did=dZTNiMT&z=1641664003

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.saleshandy.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.saleshandy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
465 B 62ms
20ms XHR
text/plain 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-69187250-1&cid=139597746.1631760629&jid=1394671963&gjid=1451007265&_gid=92957962.1631760629&_u=YGDAiUADRAAAAG~&z=230386962

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.saleshandy.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Sep 2021 02:50:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.saleshandy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 101 KB
40 KB 26ms
22ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PF9MQGQ&t=gtm12&cid=139597746.1631760629

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

f2c4f7036a51d8a36e7c687575bf617be0dc90a85799ed3a6c71ce593d32b3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40764
x-xss-protection: 0
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
6ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1810368204&t=pageview&_s=1&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&ul=en-us&de=UTF-8&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiUADRAAAAC~&jid=1394671963&gjid=1451007265&cid=139597746.1631760629&tid=UA-69187250-1&_gid=92957962.1631760629&gtm=2wg9f0MGWCQPK&z=151667387

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:59:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49854
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1631760628648&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D310290%26time%3D1631760628648%26url%3Dhttps%253A%252F%252Fwww.saleshandy.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1631760628648&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true

0
80 B

136ms
136ms

Image
application/javascript

108.174.11.69
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1631760628648&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true
Requested by: Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-69.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:50:29 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: S8XSnaUtpRbQbQvEnisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXME+CpJlZr1sCwcDzmwA==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 658673D1F86C41118ED87027D8C2F527 Ref B: PRG01EDGE1017 Ref C: 2021-09-16T02:50:29Z
x-frame-options: sameorigin
date: Thu, 16 Sep 2021 02:50:28 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=310290&time=1631760628648&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875623304/ 2 KB
2 KB 68ms
28ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875623304/?random=1631760628655&cv=9&fst=1631760628655&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e36004707f19ac1ec4feb8c713f5ce81afc7b1db2c1c75979fb6d73855e04c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6HKQ79V48&gtm=2oe9f0&_p=1810368204&sr=1600x1200&ul=en-us&cid=139597746.1631760629&_s=1&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&sid=1631760628&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6HKQ79V48&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.saleshandy.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.saleshandy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 22ms
21ms XHR
text/plain 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-69187250-1&cid=139597746.1631760629&jid=1344919136&gjid=606244415&_gid=92957962.1631760629&_u=YGBACUACRAAAAC~&z=1796477245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.saleshandy.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Sep 2021 02:50:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.saleshandy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 5CCF 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 28ms
6ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:42:03 GMT
x-content-type-options: nosniff
age: 505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Sep 2022 02:42:03 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1000 B 28ms
7ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:15:49 GMT
x-content-type-options: nosniff
age: 77679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Sep 2022 05:15:49 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 18ms
7ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:32:03 GMT
x-content-type-options: nosniff
age: 1105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Sep 2022 02:32:03 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 40ms
18ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-69187250-1&cid=139597746.1631760629&jid=1394671963&_u=YGDAiUADRAAAAG~&z=1369555476

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
26ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-69187250-1&cid=139597746.1631760629&jid=1394671963&_u=YGDAiUADRAAAAG~&z=1369555476

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 38ms
17ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-69187250-1&cid=139597746.1631760629&jid=1344919136&_u=YGBACUACRAAAAC~&z=365226678

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 39ms
18ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-69187250-1&cid=139597746.1631760629&jid=1344919136&_u=YGBACUACRAAAAC~&z=365226678

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/875623304/ 42 B
154 B 19ms
19ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875623304/?random=1631760628655&cv=9&fst=1631757600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&async=1&fmt=3&is_vtc=1&random=2944922725&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875623304/ 42 B
154 B 18ms
18ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875623304/?random=1631760628655&cv=9&fst=1631757600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&tiba=SalesHandy%20Spam%20Police%20-%20SalesHandy&async=1&fmt=3&is_vtc=1&random=2944922725&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.saleshandy.com
URL: https://www.saleshandy.com/spam-police/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 808F 616 B
462 B 39ms
15ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

73ad4e783fd1994165100885cd43f2aa89e52f0c8daa11f87962cb6617b7830e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 02:50:28 GMT
server: ESF
date: Thu, 16 Sep 2021 02:50:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H3 200 rs=AMjVe6h51PJQUe5QmUPmS9MVCh3EPMGjIQ
www.gstatic.com/_/freebird/_/ss/k=freebird.v.1xlvsz15gt5iy.L.W.O/d=1/ Frame 808F 402 KB
49 KB 22ms
8ms Stylesheet
text/css 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.1xlvsz15gt5iy.L.W.O/d=1/rs=AMjVe6h51PJQUe5QmUPmS9MVCh3EPMGjIQ

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4707dd31d9f4f00972f4ea9829eb2cfebc84b0d32180839554cb4202c51bebc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49996
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 18:45:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 15:12:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 808F 13 KB
1 KB 38ms
15ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

8e2633b749310981ac845b0b710780cbe5cfc7edf311994493cf2df8c52cbe86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 02:14:33 GMT
server: ESF
date: Thu, 16 Sep 2021 02:50:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 808F 1 KB
529 B 38ms
15ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 02:17:23 GMT
server: ESF
date: Thu, 16 Sep 2021 02:50:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 02:50:28 GMT

GET
H3 200 googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 808F 1 KB
712 B 7ms
7ms Image
image/svg+xml 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 00:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 354439
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 689
x-xss-protection: 0
expires: Mon, 12 Sep 2022 00:23:09 GMT

GET
H3 200 m=viewer_base Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=1/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/ Frame 808F 338 KB
110 KB 8ms
8ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=1/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=viewer_base

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b3a9ab7ceaf33aa199b2c857da772f73b01fd128d1418bba2b68995787d3546b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 11:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112164
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 16:55:05 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 11:51:42 GMT

GET
H2 200 qp_sprite147.svg
ssl.gstatic.com/docs/forms/ Frame 808F 113 KB
13 KB 30ms
7ms Image
image/svg+xml 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/forms/qp_sprite147.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.1xlvsz15gt5iy.L.W.O/d=1/rs=AMjVe6h51PJQUe5QmUPmS9MVCh3EPMGjIQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

5619e988db22ffaee92a69f342383d0c997836bba93eb317293276c1b5e08c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 06:59:24 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 808F 21 KB
21 KB 13ms
13ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 168131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:08:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 808F 15 KB
15 KB 16ms
15ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options: nosniff
age: 168430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:03:18 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 808F 21 KB
21 KB 21ms
21ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 151583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 08:44:05 GMT

GET
H3 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v13/ Frame 808F 34 KB
34 KB 25ms
25ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://docs.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 08:52:32 GMT
x-content-type-options: nosniff
age: 151076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35140
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 08:52:32 GMT

GET
H3 200 m=MpJwZc,n73qwf,NpD4ec,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy1c,sy2v,sy2w,V3dDOb,sy2i,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy19,sy18,OShpD,syw,sy14,sy1d,sy11,sy1e,sy1m,sy3t,A4UTCb,sy2,xiqF3,owcnme,De38hd,sy22,... Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=0/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/ Frame 808F 390 KB
122 KB 22ms
8ms XHR
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=0/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=MpJwZc,n73qwf,NpD4ec,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy1c,sy2v,sy2w,V3dDOb,sy2i,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy19,sy18,OShpD,syw,sy14,sy1d,sy11,sy1e,sy1m,sy3t,A4UTCb,sy2,xiqF3,owcnme,De38hd,sy22,Sk9apb,J8mJTc,UUJqVe,eFy6Rc,CP1oW,syr,KornIe,sy2k,gZjhIf,syi,syg,sy1r,sy15,sy1s,pxq3x,syu,sy2j,O6y8ed,sy32,sy3i,sy33,syb,sy3j,sy3s,Xhpexc,Q91hve,sy9,sy3,sy2o,sy2p,mRfQQ,sy3e,sy3d,CFa0o,sy3u,VXdfxd,sy36,sy37,sy34,sy3a,sy35,sy38,sy3b,Y9atKf,sy39,sy3c,s39S4,wPRNsd,sy1p,ENNBBf,L1AAkb,sy1a,KUM7Z,QvB8bb,bCfhJc,sy2l,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2s,sy2t,sy2u,I6YDgd,sy3v,N5Lqpc,sy1g,sy1h,sy1b,sy1i,sy1j,sy1t,uiNkee,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5c,sy5d,sy5e,xQtZb,IvDHfc,sy31,sy3w,sy30,sy3p,EcW08c,sy3x,sy3y,t8tqF,sy13,p2tbsc,d8PXFf,atgb9d,sy1v,sy1w,sy1x,sy1y,LxALBf,rHjpXd,sy49,SM1lmd,QwQO1b,WdhPgc,JCrucd,ok0nye,sy45,sy2y,sy2q,sy3k,sy44,sy46,sy47,sy2z,sy3f,sy3l,sy43,sy3g,sy40,sy41,sy42,sy3m,sy3n,sy3o,sy3q,sy3z,sbHRWb,RGrRJf,OkF2xb,oZECf,sy3r,hYei2d,pFu8T,sy17,TOfxwf,sy4c,sy4d,sy4m,lSvzH,yUS4Lc,KOZzeb,D8e5bc,UmOCme,sy48,oCiKKc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=1/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

91380ff45b992206ee2534a2aa3c1eb2677a6b45af75b7f6bc6bd16d3ab264fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 14:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125335
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 18:45:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 14:35:20 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame 808F 78 KB
28 KB 7ms
7ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=0/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=MpJwZc,n73qwf,NpD4ec,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy1c,sy2v,sy2w,V3dDOb,sy2i,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy19,sy18,OShpD,syw,sy14,sy1d,sy11,sy1e,sy1m,sy3t,A4UTCb,sy2,xiqF3,owcnme,De38hd,sy22,Sk9apb,J8mJTc,UUJqVe,eFy6Rc,CP1oW,syr,KornIe,sy2k,gZjhIf,syi,syg,sy1r,sy15,sy1s,pxq3x,syu,sy2j,O6y8ed,sy32,sy3i,sy33,syb,sy3j,sy3s,Xhpexc,Q91hve,sy9,sy3,sy2o,sy2p,mRfQQ,sy3e,sy3d,CFa0o,sy3u,VXdfxd,sy36,sy37,sy34,sy3a,sy35,sy38,sy3b,Y9atKf,sy39,sy3c,s39S4,wPRNsd,sy1p,ENNBBf,L1AAkb,sy1a,KUM7Z,QvB8bb,bCfhJc,sy2l,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2s,sy2t,sy2u,I6YDgd,sy3v,N5Lqpc,sy1g,sy1h,sy1b,sy1i,sy1j,sy1t,uiNkee,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5c,sy5d,sy5e,xQtZb,IvDHfc,sy31,sy3w,sy30,sy3p,EcW08c,sy3x,sy3y,t8tqF,sy13,p2tbsc,d8PXFf,atgb9d,sy1v,sy1w,sy1x,sy1y,LxALBf,rHjpXd,sy49,SM1lmd,QwQO1b,WdhPgc,JCrucd,ok0nye,sy45,sy2y,sy2q,sy3k,sy44,sy46,sy47,sy2z,sy3f,sy3l,sy43,sy3g,sy40,sy41,sy42,sy3m,sy3n,sy3o,sy3q,sy3z,sbHRWb,RGrRJf,OkF2xb,oZECf,sy3r,hYei2d,pFu8T,sy17,TOfxwf,sy4c,sy4d,sy4m,lSvzH,yUS4Lc,KOZzeb,D8e5bc,UmOCme,sy48,oCiKKc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

fb953a129c519ab5b61343a78dec39d6421f93f36962cb97a6d3a0e4586bedf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 18:25:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="product-feedback-gathering"
expires: Thu, 16 Sep 2021 02:55:43 GMT

GET
H3 200 m=sy3h,sWGJ4b,syo,syn,syp,sy4i,EGNJFf,iSvg6e,sy4h,uY3Nvd Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=0/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/ Frame 808F 46 KB
46 KB 8ms
8ms XHR
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=0/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=sy3h,sWGJ4b,syo,syn,syp,sy4i,EGNJFf,iSvg6e,sy4h,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=1/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6bd7ddff552d771bb9e4b62fa2447185b3516f2f52fc242831f13a840dbdc6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 12:51:00 GMT
x-content-type-options: nosniff
age: 136769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46861
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 16:55:05 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 12:51:00 GMT

POST
H3 204 naLogImpressions Show response
docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/ Frame 808F 0
13 B 333ms
318ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/naLogImpressions

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.BqOWIr7Hx_U.O/d=1/rs=AMjVe6hMLG7mThL2n_vSJQaxlDA8Rt-5SQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-wSBp1cBB8/Q8AdnfuhUe5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:50:29 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-wSBp1cBB8/Q8AdnfuhUe5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: GSE
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1810368204&t=timing&_s=2&dl=https%3A%2F%2Fwww.saleshandy.com%2Fspam-police%2F&ul=en-us&de=UTF-8&dt=SalesHandy%20Spam%20Police%20-%20SalesHandy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1327&pdt=20&dns=22&rrt=71&srt=29&tcp=37&dit=376&clt=485&_gst=386&_gbt=542&_cst=280&_cbt=378&_u=aGDAiUADRAAAAG~&jid=&gjid=&cid=139597746.1631760629&tid=UA-69187250-1&_gid=92957962.1631760629&gtm=2wg9f0MGWCQPK&z=313903854

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saleshandy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:59:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49855
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw/viewform?embedded=true

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.docs.google.com/forms/d/e/1FAIpQLSewvRzPPWbGS6tz6AzLPvbEJ0TxauF6HtmxNZwrlSsPRKAiYw	1970-01-19 21:16:04	Name: S Value: spreadsheet_forms=JYlO2Zc4BP4nwZgCFQ_nLhie1hKNAkFUzTK7Y0L1SBA
.saleshandy.com/	1970-01-20 06:01:36	Name: shreferer Value:
.saleshandy.com/	1970-01-20 06:01:36	Name: sh_ulp Value: https://www.saleshandy.com/spam-police/
www.saleshandy.com/	1970-01-20 06:01:36	Name: cookielawinfo-checkbox-necessary Value: yes
www.saleshandy.com/	1970-01-20 06:01:36	Name: cookielawinfo-checkbox-non-necessary Value: yes
.saleshandy.com/	1970-01-19 21:17:27	Name: _gid Value: GA1.2.92957962.1631760629
.saleshandy.com/	1970-01-19 21:16:00	Name: _gat_gtag_UA_69187250_1 Value: 1
.saleshandy.com/	1970-01-19 21:16:00	Name: _dc_gtm_UA-69187250-1 Value: 1
.saleshandy.com/	1970-01-20 06:01:36	Name: mp_e3cf3162ba59594dc0092174fbc217fc_mixpanel Value: %7B%22distinct_id%22%3A%20%2217bec833bb6387-0f0a47af14cf4b-c343365-1d4c00-17bec833bb765d%22%2C%22%24device_id%22%3A%20%2217bec833bb6387-0f0a47af14cf4b-c343365-1d4c00-17bec833bb765d%22%7D
.saleshandy.com/	1970-01-20 06:01:36	Name: mp_253dbcc3c9cbac771923a0687bd233d4_mixpanel Value: %7B%22distinct_id%22%3A%20%2217bec833bb9179-05744950a72e07-c343365-1d4c00-17bec833bba1222%22%2C%22%24device_id%22%3A%20%2217bec833bb9179-05744950a72e07-c343365-1d4c00-17bec833bba1222%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.saleshandy.com/	1970-01-20 14:47:12	Name: _ga_X6HKQ79V48 Value: GS1.1.1631760628.1.0.1631760628.0
.saleshandy.com/	1970-01-20 14:47:12	Name: _ga Value: GA1.1.139597746.1631760629
.doubleclick.net/	1970-01-19 21:16:01	Name: test_cookie Value: CheckForPermission
.google.com/	1970-01-20 01:39:31	Name: NID Value: 511=ABh92tF7Ktxu4nJ-3G-CVhE9FRsM675s-4egNpBaC6l5UZ8P0LQND0qekUFLo-rhWirpU0HhVAtsPh4UyUQpexwEO_H_avIS9w2EELQ6HLBNF21OgNPVoHiIbsWOFwklROwrEJvhNw1jASliLQ1lFDxOxJRgcvXZmctam6Eojpw
.linkedin.com/	1970-01-19 21:59:12	Name: UserMatchHistory Value: AQI7IYbn5JrWSAAAAXvsgzzpTyckjqfpkxc3r5XfyFrrS2mDe3flkHIRTiOW_S6FDNc5IEGnsjIlCA
.linkedin.com/	1970-01-19 21:59:12	Name: AnalyticsSyncHistory Value: AQI4SKU_PzPoSAAAAXvsgzzpgF8er1tRRmzZ0xvjcYLkHtbtPD6u3Cz8VSKh8gpoyJZgfvbT9yGcZuGkoX-6Qg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:47:54	Name: bcookie Value: "v=2&7a1aaef4-b766-498d-84e8-8214e34f5cce"
.linkedin.com/	1970-01-19 21:17:27	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2149:u=1:x=1:i=1631760628:t=1631847028:v=2:sig=AQHkeScc9uNICHdhzyl7-pEKjlKx2EId"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:47:54	Name: bscookie Value: "v=1&20210916025029c66d1fe7-8e47-4a54-8213-5b254488f0bdAQHCDDUhx9tHIjy589em7RxlI0eWMOsf"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4.mxpnl.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.saleshandy.com
px.ads.linkedin.com
snap.licdn.com
ssl.gstatic.com
stats.g.doubleclick.net
tc4.shqtrk.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.saleshandy.com
docs.google.com
104.21.52.221
104.26.11.176
108.174.11.69
13.107.42.14
142.250.181.232
142.250.184.202
142.250.184.227
142.250.185.110
142.250.185.164
142.250.185.194
142.250.185.202
142.250.185.238
142.250.185.99
142.250.186.66
142.250.186.67
142.250.186.78
18.66.97.7
2.18.234.132
35.186.235.23
74.125.140.156
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0c5e7caaab2d658bd64866eb2a1b09a3d64abb767db8d3d0b725493f461d9e9a
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1d3d58c2221a28dfe7db176699282da2db784c7f81e1a70b15711b25ade3e40d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1
2de5d04afdc0749f1e38ac0249527bb5291a1e4fc53d661e7ca84555960d9c71
3b51846e943d639442df6bad1557c02e74a2e879747148552b1149ea0af277a0
3cbe6afc433cd38258ea9369ffdd9d943f0b0bcd561259f884faa783dfb265d2
4511e5339e4d20d1083788e236f4349468988a91db04c8686a3836fc9269b36e
4707dd31d9f4f00972f4ea9829eb2cfebc84b0d32180839554cb4202c51bebc7
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
5619e988db22ffaee92a69f342383d0c997836bba93eb317293276c1b5e08c1a
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5eb5b77055b72987ac358b53d90925e002b60c440585ef7ace76660b349a665e
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
62cf2cfeb14a51973ea07405ee925aad958c6bdbfc6887ff0272545e3b78e8a0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6bd7ddff552d771bb9e4b62fa2447185b3516f2f52fc242831f13a840dbdc6c9
73ad4e783fd1994165100885cd43f2aa89e52f0c8daa11f87962cb6617b7830e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8641a749b56f41be6413bb213410f8e3d3f5056211cfe3e3c8c294a3dbbfddce
86bc2baadc5f6672285d6ac2efa152d17edba95d1fec8180204f93e29507259e
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
8a5254493fa3104bef3a1bbc32c3c76d0a584faa29a8edc0ef18ea70d036ac1e
8e2633b749310981ac845b0b710780cbe5cfc7edf311994493cf2df8c52cbe86
91380ff45b992206ee2534a2aa3c1eb2677a6b45af75b7f6bc6bd16d3ab264fa
98896a9cd0d27f873ff1ddd2a65484a1e71e55d4902291d408647e7a879d1c7c
9b613af23c50c0c1e36115361538eda8a15262519eb957acad1650d6d231773a
9f26e85051636ef2146d070b58b46dbcd1bda3ae7c2c2dec4423935c9d67ef58
ad2e2288c560d76ad0ee9f4fd7f5f002599e023f84bbfeac0e247a580dbbcdce
ad8df61e30761b4d6f14434d187a8c58bf03140f1ca6c36804fa60adcdf1df4e
b044a15287498272aa81ba31bcd5bfbaafe62d0406b883c238fb212a099752fd
b3a9ab7ceaf33aa199b2c857da772f73b01fd128d1418bba2b68995787d3546b
b64fca8b43e75ba746109c07477a79aae42fa868fa17fbdc7ec07a6dd64457c4
b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5
bd1744ac02f6cc79ec5ca769795455e2603e09498629838e8cf899e8f8d1c974
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2b9089197219024da317d4b576177cd5a16f20bca1f20b521387957db5449da
c3797306b2371d81a91896a332c80f656acc4fc6f1dbd1c2e32d765d244fefae
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c57edb1f040ce3ff4cce38ecb69982c8eca501dcaae6df050f7ab64bd6fc87bc
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4d379e17ad0b0949eabea3c41dbab1a01be1c251e370dbd4d71281b219ff7f3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e36004707f19ac1ec4feb8c713f5ce81afc7b1db2c1c75979fb6d73855e04c6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb96ba0c2081ddbea1d1c78d3940f020d0a2e2353b20f808b895daa93aad36a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4f7036a51d8a36e7c687575bf617be0dc90a85799ed3a6c71ce593d32b3b0
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
fb953a129c519ab5b61343a78dec39d6421f93f36962cb97a6d3a0e4586bedf4
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
fee9c8144628d6de9cb6ed26ab82286961724fa1d847240562e889186bf4c58b

www.saleshandy.com Open in urlscan Pro 104.26.11.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

0 %IPv6

13 Domains

21 Subdomains

20 IPs

3 Countries

1620 kBTransfer

5407 kBSize

21 Cookies

9 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.saleshandy.com Open in urlscan Pro
104.26.11.176 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

1620 kB
Transfer

5407 kB
Size

21
Cookies

65 HTTP transactions
7 data transactions